www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Submission: On July 27 via manual (July 27th 2023, 10:36:42 pm UTC) from US — Scanned from PT

Summary HTTP 296 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 49 IPs in 10 countries across 32 domains to perform 296 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 999717.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
5 14	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	104.26.5.103 104.26.5.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.16.202.106 2.16.202.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.19.126.93 2.19.126.93	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
49	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	13.112.76.83 13.112.76.83	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
42	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
20	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	91.228.74.200 91.228.74.200	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
1	172.64.161.31 172.64.161.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
1	13.32.110.34 13.32.110.34	16509 (AMAZON-02) (AMAZON-02)
18	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	23.53.42.112 23.53.42.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.145.27 13.32.145.27	16509 (AMAZON-02) (AMAZON-02)
1	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
3 3	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
10	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1	74.125.133.156 74.125.133.156	15169 (GOOGLE) (GOOGLE)
2 8	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3	99.81.57.224 99.81.57.224	16509 (AMAZON-02) (AMAZON-02)
2	18.182.83.207 18.182.83.207	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.233.155.22 3.233.155.22	14618 (AMAZON-AES) (AMAZON-AES)
4	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
24	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	18.66.192.59 18.66.192.59	16509 (AMAZON-02) (AMAZON-02)
5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
8	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	3.120.241.163 3.120.241.163	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	87.248.119.251 87.248.119.251	34010 (YAHOO-IRD) (YAHOO-IRD)
2	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
2	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
296	49

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 192.96.203.13 (Manassas, United States) 5 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-106.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.126.93 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-93.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.112.76.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-76-83.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

d-337632010686777775.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.161.31 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.110.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-34.vie50.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.42.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-112.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.145.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-27.cdg50.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.201.255.110 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.81.57.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-57-224.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.182.83.207 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-83-207.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.155.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-155-22.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

706ea89273d4f09bb9a949e5cb0e57fe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
98b16d71c5b57fda7649ac051107e49c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21c81788391ff105edde2bd7be6f3be3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
df0148ac9ef9f38f8b17dd4402a2e8b8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.192.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-59.muc50.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.241.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-241-163.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.251 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 897 trc.taboola.com — Cisco Umbrella Rank: 637 vidstat.taboola.com — Cisco Umbrella Rank: 2614 il-trc-events.taboola.com — Cisco Umbrella Rank: 17751 images.taboola.com — Cisco Umbrella Rank: 1855 imprammp.taboola.com — Cisco Umbrella Rank: 12974 am-match.taboola.com — Cisco Umbrella Rank: 12943 wf.taboola.com — Cisco Umbrella Rank: 2785 am-vid-events.taboola.com — Cisco Umbrella Rank: 12271 pips.taboola.com — Cisco Umbrella Rank: 1615 cds.taboola.com — Cisco Umbrella Rank: 1829 vidstatb.taboola.com — Cisco Umbrella Rank: 4790 am-wf.taboola.com	1 MB
70	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 706ea89273d4f09bb9a949e5cb0e57fe.safeframe.googlesyndication.com 98b16d71c5b57fda7649ac051107e49c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 21c81788391ff105edde2bd7be6f3be3.safeframe.googlesyndication.com df0148ac9ef9f38f8b17dd4402a2e8b8.safeframe.googlesyndication.com	971 KB
27	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	779 KB
19	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1195 eus.rubiconproject.com — Cisco Umbrella Rank: 638 token.rubiconproject.com — Cisco Umbrella Rank: 651 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 28977	57 KB
14	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 34655 sync.aralego.com — Cisco Umbrella Rank: 3010 agent.aralego.com — Cisco Umbrella Rank: 266618	10 KB
12	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13034	204 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 406	219 KB
9	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1736 www.google.com — Cisco Umbrella Rank: 3	14 KB
7	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 457 ads.yap.yahoo.com — Cisco Umbrella Rank: 12797 geo.yahoo.com — Cisco Umbrella Rank: 1423	3 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 17127 e3.adpushup.com — Cisco Umbrella Rank: 18072	277 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59 region1.google-analytics.com — Cisco Umbrella Rank: 1851	892 B
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 98867	39 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377	796 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 61800 sync.logly.co.jp — Cisco Umbrella Rank: 66370	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 25996 audiencedata.im-apps.net — Cisco Umbrella Rank: 28277	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 595	60 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 208	113 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 663719	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1235	741 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	83 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1307 pixel.quantserve.com — Cisco Umbrella Rank: 997	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 754	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 27867	12 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 344	147 B
1	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9252	254 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 76	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1238	633 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20053	3 KB
1	ampproject.net d-337632010686777775.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 421	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 93174	17 KB
1	bg3.co www.bg3.co — Cisco Umbrella Rank: 999717 static.bg3.co Failed	16 KB
296	32

	Domain	Requested by
42	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net www.bg3.co tpc.googlesyndication.com agent.aralego.com www.googletagservices.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co
23	images.taboola.com	www.bg3.co
18	il-trc-events.taboola.com	www.bg3.co
18	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net agent.aralego.com www.bg3.co www.googletagservices.com
14	cdn.taboola.com	www.bg3.co cdn.taboola.com
12	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	eus.rubiconproject.com	ads.aralego.com imprammp.taboola.com nt.compass-fit.jp am-match.taboola.com eus.rubiconproject.com
8	www.google.com	tpc.googlesyndication.com
8	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
7	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
5	token.rubiconproject.com	eus.rubiconproject.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	agent.aralego.com	4 redirects
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
4	www.google-analytics.com	cdn.ampproject.org www.bg3.co
4	trc.taboola.com	cdn.taboola.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	sync.aralego.com	ads.aralego.com www.bg3.co
2	geo.yahoo.com	adx.holmesmind.com s.yimg.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	df0148ac9ef9f38f8b17dd4402a2e8b8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	21c81788391ff105edde2bd7be6f3be3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	x.bidswitch.net	am-match.taboola.com
1	vidstatb.taboola.com	www.bg3.co
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	98b16d71c5b57fda7649ac051107e49c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	706ea89273d4f09bb9a949e5cb0e57fe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	http-intake.logs.datadoghq.com	cdn.adpushup.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	imprammp.taboola.com	vidstat.taboola.com
1	pixel.quantserve.com	www.bg3.co
1	stats.g.doubleclick.net	cdn.ampproject.org
1	fonts.googleapis.com	cdn.taboola.com
1	l.logly.co.jp	nt.compass-fit.jp
1	rules.quantcount.com	secure.quantserve.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-337632010686777775.ampproject.net	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	gum.criteo.com	cdn.taboola.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
296	65

This site contains links to these domains. Also see Links.

Domain
storytohear.com
popup.taboola.com
www.conselhosetruques.com
1ce372.bclgcl.com
carro-hibrido-ace.fyi
trck.tracking505.com
vogbee.com
find-dubai-properties.fyi
trc.taboola.com
1t5cbr.llsdzktnxwnnr.com
5minstory.com
n33w2m.llsdzktnxwnnr.com
www.manukafeed.com
home-tricks.com
4d3868.llsdzktnxwnnr.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 48 frames:

Primary Page: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Frame ID: 98BD1EA72B77C6AB64BBC48233B3DC06
Requests: 140 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: C0C92345FFF01CEA65997058B8FE11FB
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 2F7921C8363ACC121F24DDCFCCFD1248
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 25AE7B10AC2E9AB40EBA7E21DD5A541B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 8401E1B425ABD42996BA34920C58CFD6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: AF3D50F75EFA3F934AF01AC458ACBB90
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 9D821C67CC8265EEB6C3CEC433B13149
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4624860052522027393&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2670&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=9398009745&ga_cid=amp-kDMRU_huGi93d-98PRhpGA&ga_hid=9745&dt=1690497394722&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&bdt=1059&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 6DEF690AF2BFC814C0CF4736F0C3018C
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1690497395407&uv=140669607&tms=1690497395407&abt=dfrc_vB!nonrv_vA!t45!ufm_vD!ul140669-607_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=a5099341-1827-408c-91bc-9aa342860f92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D691C9EC3CC517F4F721CC856833FD58
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E55142142678DAEA19AAE590AE7CC104
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: E40F295F7462E0CA414C0944C8AC6906
Requests: 3 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 2AA08F9351B0FEEC31F464C9E54D922A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 3EA2E79BECC29AFDECF5F86D6E0E8F75
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 2199B477D4CED16BCC6FBCAFB108FBA2
Requests: 3 HTTP requests in this frame

Frame: https://706ea89273d4f09bb9a949e5cb0e57fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8C5D4D00E7E0C6D0A5EC77E5F4468B6C
Requests: 1 HTTP requests in this frame

Frame: https://98b16d71c5b57fda7649ac051107e49c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9FBEC48E395956D1675B2AA90A85E1A4
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: AD0F9B8EB1FEC402D4E2DE01644DC205
Requests: 5 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: AE91B35F9BC78E251EF91FFFCB2C2AFB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC8D602C656713F336A0895E6E176170
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F8DAD0106AE297B2EEF31E4BC92F480
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE8819C0DA187D653C803DE6E2798135
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0EAE4D4FD5E0D9CF3A276201AA32D3D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E97A41B57784589183639EFB14A0D2C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C962473F430D9F79B7B4309FB7C735F
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 0B7C1FC7F68A6CA10EFCFD3E70C7E4BB
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A228C5B83DAD8A9B6222505085804C0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F9B8E9B228B556C7776139261C0E133
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 5FE8E4F938667884D46E8685B5C8EEDE
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 6E6D0C18D014D4C1DCAFF408F26778AC
Requests: 6 HTTP requests in this frame

Frame: https://21c81788391ff105edde2bd7be6f3be3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: E171C3236B53064A4B42A2E54B56236E
Requests: 1 HTTP requests in this frame

Frame: https://df0148ac9ef9f38f8b17dd4402a2e8b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 3BFBB6166C10D5F4656EEBC423E21761
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9W5A2Tz0G3CcCGshDMetmhIw2UY0R8lNV0JJvyFolb3obUoAzBxtfYH2cP7_vMgE-l4VAlSluj3_xPRNH4z7Rmhc9qI6G3IOSludrljrYaVs9hYZkacZQxr2cxqU31ecy6ASvIT7YRkREIYd7Go8i73bLzELiQoP6JUlBRam_KyWu-BoFeuMtx42dbdRaZh9P2o3ffQW_zz_PMIcvPnJhG3XtnSw8n9m9Xm9vhbYpJvirwU0nIrsLKcyIPmgLjZL76ZBnzMDTVD92ninPj3XECXLgTs6PQIQIu2DouU6M3vyEIK8iC4JeLaxZa1kV94eL6i6XgcDEN3seLfE&sai=AMfl-YQ9186iRb-4Qv0TGGJZul9pS5L-wPOPSWjg93vuMdDZSrU7mGPyO0bKS61DzbETL9ULLVOUF_nImDeECM4i_kUHVNECOxpsHxAcSw&sig=Cg0ArKJSzHGBDVlYJyvCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E1186279DA8D717AE39107A635BDF5CF
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEWOyQL9SXyWT65t_ijdnh2tU1K6SBtEwQzck8_6AMRl-l5MZq_G53cjp6c5jPkIh7EjhIm07rDUISGAWDody0G-mKZtxHB7lEKF1IRfFlU13sXTYDf9VqRWxqXHbeT3Qm6awRcdRkNvC45jT2F7fFI468tICY6SFE9bFgVtyL21-8zKdzKtCB_kRA3MR1J1_WvUHOJbATJpNzUZ9hE5VhtFp0KPgLlD3HGWPwnI9JE5xzRJ3NuEy7eXgO8nXl7POYkCOExYQZJWp2CBnqb6TULzVxOpAqzcKcnjVKeZ3wkhYAgdOvR9PgT6ftROi0G5RST7opJEW0loMgPLA&sai=AMfl-YT4x4T8U8YUZEW21xb43Nm2eqBMDMgAO8BK51QHrGG7xPBQuBOv9X007Atr8EPuE6EUHvsXBvsbQUbPGU858z_p2_eqyXe9e7fQlA&sig=Cg0ArKJSzHa5wISLcMZbEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7FFB296EC0407457CB57265266039CF3
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F50F12BEE999E0257466118B4E05931
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5E4D25435B90D8A388A1F8CEF5D5C7BD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 30937C9B27BEE47D6D27E36893DFEDDA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A629EBCF057274C327597AA27AEFD5DC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 367FE3E3BC20C1EF4CD7774429A7D2A2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: E537965888E0CDCE6AAD5A864FD1EC87
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: AEC64CED81360FE26C565E32DE782C87
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1690497401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401133&bpp=6&bdt=808&idt=243&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=7686918196704&frm=8&ife=4&pv=2&ga_vid=1790434313.1690497401&ga_sid=1690497401&ga_hid=1743074779&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2327036039&scr_x=-12245933&scr_y=-12245933&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076341%2C42531706%2C44788441%2C44798156%2C31076285%2C44797786&oid=2&pvsid=917084475447884&tmod=464361839&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.im5x50eihmzu&fsb=1&dtd=267
Frame ID: 28B242B2747B7EB92DA75661C7FAC0A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1690497401&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401133&bpp=5&bdt=808&idt=253&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7686918196704&frm=8&ife=4&pv=1&ga_vid=1790434313.1690497401&ga_sid=1690497401&ga_hid=1743074779&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2327036039&scr_x=-12245933&scr_y=-12245933&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076341%2C42531706%2C44788441%2C44798156%2C31076285%2C44797786&oid=2&pvsid=917084475447884&tmod=464361839&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rkkb3fp6fpe4&fsb=1&dtd=277
Frame ID: 73D0E31CB4A6A5D0A198B064C74F642B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1690497401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401243&bpp=9&bdt=866&idt=250&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=8550616329472&frm=8&ife=4&pv=2&ga_vid=1683500236.1690497402&ga_sid=1690497402&ga_hid=597446510&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=934484031&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076341%2C31076342%2C44788441%2C44798157&oid=2&pvsid=3445700770835679&tmod=948299991&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.qcxut15h8ki2&fsb=1&dtd=276
Frame ID: AF79D60B8A74D7C26CF8FA881D523709
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1690497401&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401243&bpp=2&bdt=866&idt=260&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8550616329472&frm=8&ife=4&pv=1&ga_vid=1683500236.1690497402&ga_sid=1690497402&ga_hid=597446510&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=934484031&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076341%2C31076342%2C44788441%2C44798157&oid=2&pvsid=3445700770835679&tmod=948299991&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fyj2uth3zj7&fsb=1&dtd=285
Frame ID: B680347864ABF4B802C86B1B8083F3E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1429E3EED2086E209A91B1A1D09EFA97
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EA480B055742D4A1EA15E442EDB0221
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2E323E9699AF8626D26BAD5CA38A35A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4448C541FE42C96762A1F8A8D243BC16
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AI搶飯碗！陸企無限期終止4類職務　股價反漲逾1成 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

296
Requests

95 %
HTTPS

0 %
IPv6

32
Domains

65
Subdomains

49
IPs

10
Countries

4181 kB
Transfer

12217 kB
Size

12
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://storytohear.com/pt/ho-to-clean-a-burner/
Title: Story To Hear

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/saude/primeiros-sinais-alzheimer/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://1ce372.bclgcl.com/
Title: Roupas plus size | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://www.conselhosetruques.com/saude/postura-sentada/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://storytohear.com/pt/when-the-key-breaks/
Title: Story To Hear

Search URL Search Domain Scan URL

URL: https://carro-hibrido-ace.fyi/
Title: Carros híbridos mais baratos | Links patrocinados

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/48d250ec-68bc-41ff-9b5c-4a7c557de798
Title: Limpeza de esgotos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: http://vogbee.com/br/essas-sao-as-12-casas-mais-incriveis-do-mundo/
Title: VogBee

Search URL Search Domain Scan URL

URL: https://find-dubai-properties.fyi/
Title: Casas em Dubai | Links patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&ri=4ce28e85d2df2c0d3eff9bcd29752f45&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497395_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&it=text&ii=~~V1~~-693234722637664694~~GC1b9z2koLp9XzZtsF5jiL-G1Vf6dpCud3NvFT21Up7UsiWdyUS22MjLGFyQIuLGYAbybTIvq96AoF7_1-Otb7T_KGFdD1etn4hCdxpL3ZS3oSsRbr6T_np91agHUDNQ7VkODyVu589y2027397e12ZeUDL-7XNFsqaSiGvSNZAZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=a93944f78c548f1ba189d63c2c434257647863879711&redir=https%3A%2F%2Ffind-dubai-properties.fyi%3Fref%3Dtaboola-palmate-bg3co%26sub_id%3Dpalmate-bg3co%26sub_id2%3D3203-dubaiapartments3-taboola-pt-cp2%26tbid%3D1353010%26tbclick%3Dsysclick%26compkey%3DDamac%2BCavalli%2BDubai%26rskey%3DVida%2Bde%2Bluxo%2Bno%2Bdeserto%253A%2Bcasas%2B%25C3%25A0%2Bvenda%2Bem%2BDubai%26tblci%3DGiAqOaku_jXEizVctxfI6aw03fCsUS-foOTzwgEM13f2cSCS2FIoraKs1NOnk4YQ%23tblciGiAqOaku_jXEizVctxfI6aw03fCsUS-foOTzwgEM13f2cSCS2FIoraKs1NOnk4YQ&vi=1690497394345&p=southportintelligence-southport18-sc&r=15&lti=deflated&ppb=CIsD&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE1NziAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI0DcQ_koYMGRjCP___________wEQ____________ARgBZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI2kQQ-FoYE2RjCMv__________wEQy___________ARg1ZGMI3AoQoBAYFmRjCJYUEJocGBhkYwjI__________8BEMj__________wEYOGRjCNIDEOAGGAhkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgB99L8y5kx&cta=true
Title: Saiba Mais

Search URL Search Domain Scan URL

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%207:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://5minstory.com/pt-watermelontricks/
Title: 5minstory.com

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%209:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://n33w2m.llsdzktnxwnnr.com/
Title: Anti-envelhecimento | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&ri=31229f6828fe9ff105ec4a0e60921a88&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497395_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&it=text&ii=~~V1~~4675393292819241819~~wAgVPtsGq1D6iHqqSGWfRc59aoFHRvKX_oTAxYq2fYJ9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l1707eJUPRlHB26DDBoWz_NxAvcPbaZCteIfcEM6ab0GSgg41dgAZMtE3ficY8PD7d0W1zdrrt9WLGfYXoWyYLb6ME3FIWDZNlT7mtVeMfctYUrK8emSz2ppVDiOGEHKiTYJjMlvZSGfaCo54h0zs1R5&pt=text&li=rbox-t2v&sig=c2646d0445b6a9f04c5cd053cbe72ab0e92b8a40b286&redir=https%3A%2F%2Fn33w2m.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DOs%2Bmelhores%2Bcremes%2Bantienvelhecimento%2B2023%253A%2Bo%2Branking%2Bvai%2Bte%2Bsurpreender%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiAqOaku_jXEizVctxfI6aw03fCsUS-foOTzwgEM13f2cSDgh18oz8XPnfeGoqUw%26subid4%3Drr-pt-a-anag3pt-445748-e2805-tb%26kw1%3DOs%2BMelhores%2BCremes%2BAnti-Envelhecimento%2BDe%2BBaixo%2BCusto%2BPortugal%2B2023%26kw2%3D%7BCity%7D%3A%2BOs%2BMelhores%2BCremes%2BAnti-Envelhecimento%2BDe%2BBaixo%2BCusto%2BPortugal%2B2023%26kw3%3DMelhor%2Bpre%C3%A7o%2Bcremes%2Bantienvelhecimento%26kw4%3DCremes%2Bantienvelhecimento%2Bcom%2Bpre%C3%A7os%2Bacess%C3%ADveis%26kw5%3DProdutos%2Bantienvelhecimento%2Bem%2Bconta%2BPre%C3%A7os%26kw6%3DMelhores%2Bop%C3%A7%C3%B5es%2Bantienvelhecimento%2BPortugal%2B2023%26kw7%3DTop%2Bcremes%2Bantienvelhecimento%2BEm%2B2023%26kw8%3DCremes%2Bantienvelhecimento%2Brecomendados%23tblciGiAqOaku_jXEizVctxfI6aw03fCsUS-foOTzwgEM13f2cSDgh18oz8XPnfeGoqUw&vi=1690497394345&p=mmosworld-gazebo-sc&r=1&lti=deflated&ppb=CLoH&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDE1NziAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI0DcQ_koYMGRjCP___________wEQ____________ARgBZGMI3v__________ARDe__________8BGCJkYwjXFhDVHxgjZGMI2kQQ-FoYE2RjCMv__________wEQy___________ARg1ZGMI3AoQoBAYFmRjCJYUEJocGBhkYwjI__________8BEMj__________wEYOGRjCNIDEOAGGAhkYwikJxCDNRgvZGMI9BQQnh0YH2R4AYABAogByYKMSZABHJgB99L8y5kx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://www.manukafeed.com/bebida-a-eliminar-a-dor-nos-joelhos/
Title: Food Prevent

Search URL Search Domain Scan URL

URL: https://home-tricks.com/pt-cleangasburner/
Title: Home Tricks

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%2011:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://4d3868.llsdzktnxwnnr.com/
Title: Elevador de escada | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=rec-reel-sc2-delta:Below%20Article%20Feed%20|%20Card%2012:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 98

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 102

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 134

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 160

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690497395&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497395529&bpp=16&bdt=1014&idt=350&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sa&correlator=4815368019072&frm=23&ife=1&pv=2&ga_vid=1825186418.1690497396&ga_sid=1690497396&ga_hid=407695207&ga_fc=0&ga_cid=amp-kDMRU_huGi93d-98PRhpGA&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=89827866&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076342%2C44788442&oid=2&pvsid=399392432368544&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.sk3ok1pf9aax&fsb=1&dtd=388 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 166

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690497395&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497395557&bpp=15&bdt=1023&idt=338&shv=r20230726&mjsv=m202307250101&ptt=5&saldr=sa&correlator=4815368019072&frm=23&ife=1&pv=1&ga_vid=1820066225.1690497396&ga_sid=1690497396&ga_hid=1623070609&ga_fc=0&ga_cid=amp-kDMRU_huGi93d-98PRhpGA&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1214&biw=1600&bih=1200&isw=336&ish=280&ifk=1060595247&scr_x=0&scr_y=0&eid=44759876%2C44759842%2C44759927%2C31076088%2C31076341%2C31076426%2C44788442&oid=2&pvsid=724061171302865&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.a8hlh8p083lu&btvi=1&fsb=1&dtd=406 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 194

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 195

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 263

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 264

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

296 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html Show response
www.bg3.co/a/ 54 KB
16 KB 1486ms
954ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: db9421b7a9bd0512445edeab8bc040b34c17bb15eaa88656701201997b730373

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 27 Jul 2023 22:36:33 GMT
etag: "d877-IoJDd0mNPtCC/hppl5ksy9H9wxk"
expires: Thu, 27 Jul 2023 22:51:33 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 275ms
89ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 22:36:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72978
x-xss-protection: 0
server: sffe
etag: "c0980513e2e94248"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jul 2023 22:36:33 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 291ms
106ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 22:36:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9690
x-xss-protection: 0
server: sffe
etag: "bf0e1f4c4e9c9147"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jul 2023 22:36:33 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 318ms
150ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 22:36:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7621
x-xss-protection: 0
server: sffe
etag: "87192053f7ea25a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Jul 2023 22:36:33 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

174ms
63ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8874
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDQ6WO5dAfc3rRoSM%2FukQa6Q3oFpCE%2Bcby%2FDYoDaA97%2FFqxW7JiDR59pJqRiDYWmlkqAtFGJfHZVMzaYURUeVMssoQC3j%2B%2Fa6sDB5y8SsWe%2BbOIos%2FPg4QsopzoV4vrLnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ed85caafae94892-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 303ms
95ms Script
application/javascript 2.16.202.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-106.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 27 Jul 2023 22:36:33 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 07:00:29 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10988
expires: Thu, 27 Jul 2023 23:36:33 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 649 KB
136 KB 282ms
94ms Script
application/javascript 2.19.126.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-93.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 554f41c382c558ca5515d29a6ae43ca483e4f8b4277293f825e3aea1efb03380

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 27 Jul 2023 22:36:33 GMT
content-encoding: br
last-modified: Thu, 27 Jul 2023 10:59:21 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="469582_34634077_713002624_718_1427_40_0_146";dur=1
x-cf-geodata: PT
content-length: 139299
expires: Thu, 27 Jul 2023 23:36:33 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 399 KB
49 KB 311ms
212ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f2464b544679bc6c80ea8fe6c6972805434a4db84abfffe83ab9a7ff4d3a4613

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qW6d.Zg4BbVWBfaFJZoMUUWX9JUTZqmW
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:33 GMT
x-amz-request-id: W5N07PDA5JMKPHZ2
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 8
x-amz-replication-status: FAILED
content-length: 49407
x-amz-id-2: 9SLt1OJcaVNP7ys8MdcnPNhIiLXTqTT0BXpvBNiwLpN9fSSIEyj3zAK6gcO5/PJ9ovlM4i6zkrQ=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:52:09 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497394.805735,VS0,VE167
etag: "8f4120e986f238616955da27357139228580d63f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 24
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1206ms
563ms Script
text/javascript 13.112.76.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.76.83 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-112-76-83.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b53df54bbc1d7620104212635f28e252790da3ef3dbb5fa25c459f00bb6d4f9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 204ms
81ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690497394.cdn4-pxy026-mad02.ma1.evs,1690497394.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET 006998956e9a8a6b23f045cac9807b43.jpg
static.bg3.co/imgs/202105/ 0
0

GET d8691dde61ddc8dff691cb66b2697814.jpg
static.bg3.co/imgs/202203/ 0
0

GET 88e97816b66219f958206092fbab3940.jpg
static.bg3.co/imgs/202106/ 0
0

GET a46b323b933c3a9c2bb27d25f8321ae2.jpg
static.bg3.co/imgs/202105/ 0
0

GET eeb72fc3d9c5e949811f198a8b0e69a2.jpg
static.bg3.co/imgs/202106/ 0
0

GET a1d41a2cd1066a0ecb605c8d599fba80.jpg
static.bg3.co/imgs/202106/ 0
0

GET fda26940b69fac4b7b6c231066ee235f.jpg
static.bg3.co/imgs/202110/ 0
0

GET a35514d610dba13cc5fa00f48edac4c0.jpg
static.bg3.co/imgs/202109/ 0
0

GET a4dd9f1b834f2aabca6aa0d22bcd7d13.jpg
static.bg3.co/imgs/202108/ 0
0

GET 17b7b13f93f4555a9bfebf13705c5691.jpg
static.bg3.co/imgs/202107/ 0
0

GET accf8e03faa280b459bb9355c7750ef7.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 8 KB
3 KB 235ms
78ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Jul 2023 09:56:32 GMT
age: 132002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3031
x-xss-protection: 0
server: sffe
etag: "ab4976f290799864"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 25 Jul 2024 09:56:32 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 82 KB
23 KB 242ms
90ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Jul 2023 18:32:11 GMT
age: 101063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23158
x-xss-protection: 0
server: sffe
etag: "79cbf92139ba05f8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 25 Jul 2024 18:32:11 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
820 B 302ms
127ms Fetch
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ca66d86191935dda4bb067804600ef739a1ce8b11616cccd179b66a2292dcb67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 471
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 13 KB
4 KB 236ms
86ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 26 Jul 2023 10:14:47 GMT
age: 130907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4005
x-xss-protection: 0
server: sffe
etag: "41886e59cfb0dca0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 25 Jul 2024 10:14:47 GMT

GET
H2 200 impl.20230727-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 790 KB
164 KB 61ms
61ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P1Qu3yvrKOHpC36FNk8YMgJiSiUmC7do
content-encoding: br
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: X4B0JKW6XD1YSF26
age: 18188
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167336
x-amz-id-2: Ii3mZxmi9aSA4aLZKcX/lz754Pb8COUr5Y9YE7Zy2x/HQBaPeRygA4CdMv3NXyU0eZXwDHCnOJY=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 09:32:23 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497394.166569,VS0,VE0
etag: "5315a99ad6ffedb46c02101d15c92185"
vary: Accept-Encoding
content-type: application/javascript
abp: 18
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 24557

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 92ms
92ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690497394.cdn4-pxy026-mad02.ma1.evs,1690497394.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
859 B 93ms
92ms Image
image/jpeg 2.16.202.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1690497394245
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-106.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 27 Jul 2023 22:36:34 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Thu, 27 Jul 2023 23:36:34 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 278ms
95ms Script
application/javascript 2.19.126.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-93.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="469582_34634077_713003100_606_1233_41_0_146";dur=1
content-length: 122286
expires: Fri, 26 Jul 2024 22:36:34 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
555 B 233ms
88ms Script
application/javascript 2.19.126.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-93.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469582_34634077_713003102_40_1196_41_0_146";dur=1
content-length: 211
expires: Fri, 26 Jul 2024 22:36:34 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 239ms
95ms Script
application/javascript 2.19.126.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-93.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="469582_34634077_713003101_580_1211_41_0_146";dur=1
content-length: 18371
expires: Thu, 27 Jul 2023 23:36:34 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 406ms
231ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7dca9308104842c01f8b7fe0ab12664c46388fd73c5dfce42bf5d1edd16fd747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27986
x-xss-protection: 0
server: cafe
etag: 124 / 19565 / 31076564 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:34 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
310 B 276ms
85ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTA0OTczOTQzMTQsInBhY2tldElkIjoiMDAwMEE3MDEtNjViNTlkOGEtMjEzOC00NTkwLTg0N2QtYzgxOTUwNDJkZDY5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2FpcWlhbmctZmFuLXdhbi1sdS1xaS13dS14aWFuLXFpLXpob25nLXpoaS00bGVpLXpoaS13dS1ndS1qaWUtZmFuLXpoYW5nLXl1LTFjaGVuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJQVCJ9&c_b=2139.199998855591
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
309 B 278ms
88ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:34 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 362ms
184ms Script
application/javascript 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f14.1e100.net

Software

ESF /

Resource Hash

bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2tgXJxdcwaLeqhVIejeTpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-2tgXJxdcwaLeqhVIejeTpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 236ms
76ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 252743
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 69 KB
18 KB 469ms
463ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=22%3A36%3A34.347&lti=deflated&data=%7B%22id%22%3A834%2C%22ii%22%3A%22%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690487230568%2C%22vi%22%3A1690497394345%2C%22cv%22%3A%2220230727-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22vpi%22%3A%22%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2760%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A910%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b5971a99365fc230e114d030dd7b2d488391074a6797da8a12a00ff39cf1ad72

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 415
date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 109705
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490054-LIS
server: nginx
x-timer: S1690497394.376391,VS0,VE415
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 40 KB
10 KB 80ms
79ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:31:01 GMT
age: 173133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10402
x-xss-protection: 0
server: sffe
etag: "c578ba47d9485b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:31:01 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 213 KB
56 KB 79ms
78ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:31:03 GMT
age: 173131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57626
x-xss-protection: 0
server: sffe
etag: "3e8e186b2ecc0e4f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:31:03 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
618 B 56ms
55ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8726
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKwzR9i6xbPGX0nI8HGxjG52ab9ZZAgZTSsSQJXnp%2FKPiAxCC6hkCYmwkRFpcme88tXl8Y58Kcr%2FMkTYqlVki%2FKLZhiPKfRYrYlpbTF2ynsFVuI%2BpPLknhAu9oMSHpLdtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ed85cabcd254892-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 606ms
149ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b7ba0f19c70dbdde9802aba09e953b5f82c382c13dbef2d082f8eb16de41668c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 596ms
149ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b7ba0f19c70dbdde9802aba09e953b5f82c382c13dbef2d082f8eb16de41668c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 520ms
224ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.21128913831484408&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:34 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 534ms
237ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.04480598467055885&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:34 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 262ms
91ms Script
application/javascript 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 03 Aug 2023 22:36:34 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 110 KB
31 KB 82ms
82ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:30:58 GMT
age: 173136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32157
x-xss-protection: 0
server: sffe
etag: "908a1aa3777c50a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:30:58 GMT

GET
H2 200 nameframe.html
d-337632010686777775.ampproject.net/2307150128000/ 0
0 324ms
90ms Other
text/html 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-337632010686777775.ampproject.net/2307150128000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 2 KB
812 B 79ms
78ms Fetch
application/json 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:30:53 GMT
age: 173141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "c5b3128fd0184624"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:30:53 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 209ms
73ms Fetch
application/json 172.64.161.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.161.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11038
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Jul 2023 19:32:36 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7jBi3%2BwwpwngbRMcasl3K6%2BsVNFgHmmqVUYpOlRtqzMsDdEy%2BWIoLhb%2FbWYYkTfwspokNVDstUqDXbSHtrZuXWbXa4Wt9OgWvI%2Fxc9L2v7Nw7DPzvMpf0ZuhBryOqm35TPDtuWi0u5yMVu%2BCDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7ed85cadea8c3147-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 3 KB
956 B 80ms
80ms Fetch
application/json 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Jul 2023 22:31:14 GMT
age: 173120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "abaaf95b36ef21fc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 24 Jul 2024 22:31:14 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
763 B 269ms
91ms Fetch
application/json 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 85ms
84ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10778
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Jul 2024 19:36:56 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 285ms
93ms Script
application/javascript 13.32.110.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-34.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:17:16 GMT
via: 1.1 ba761cfda8bfa6cbda2b6c433d6201f6.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 1160
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: AP-UmAjiorY9EXs6GaR419PDhDssR58wdS3Ot0vKhr7MVioHjUi1RQ==

GET
H2 200 floating-unit.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: lOIVqLtwKMwRpZIC41BfVie56mYi1tkS
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: EZHGZ9Z9QZB03B6Z
age: 10044
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: 7X2dmV0rY6/BGBGE1QfxwhZkTmkaH4pLlbx9n/iwStZV1jvO68bZf4GrfIcHsL6CuvAmGfveMUY=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:49:11 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.882846,VS0,VE0
etag: "0ad8e98b8638363eab678bed577a126f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 28
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2414

GET
H2 200 taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 0gvhJzyWJ0O0fTz1L06njZoewGR.BKOf
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: J0NNDB20EKDN1F4K
age: 10024
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8011
x-amz-id-2: FT5MfRrYR/zExz42yYduwydAOQgBt2WTbDkhsq7fiFfcxEmHrHZCWM5/0Mk0b5hWWkDy4UfP2Bo=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:49:30 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.883647,VS0,VE0
etag: "8295deef603701ecd7b23f274d2080a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1675

GET
H2 200 distance-from-article.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 46ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: H29hTfV7P2oHV7BwXErg14vnCJS0E5.j
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: NZDXKYXXPCY5HS4Y
age: 10055
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: rFaWf+A7UQIe+pvfkM4pni0hXtGzgIucACYiWN44V/dEaJKSAP+4RZYHC0C1ii5zWKJcxtvgru0=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:48:59 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.894452,VS0,VE0
etag: "8db15f3ca0ef2fc76b365691189d41f2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 41
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11969

GET
H2 200 article-detection.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 47ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cliTL8LcmrnnctECk9IY4Fk7XUYz33TI
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: 3YZY62G1AXWRRENT
age: 10063
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: /cgHdalM8GD3h9e2pe6rXU6Q/VKqykDyogTwj0kX7YTbe6OqQxNVj4aAX3Zb/TLhAEdlngat47I=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:48:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.894618,VS0,VE0
etag: "2ddb5ce84174e516dfa7d41f580c44f5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 11981

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.6/ 123 KB
35 KB 63ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:34 GMT
via: 1.1 9286764bc0c8327719870fa33a225c9a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 41579
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35355
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 11:02:49 GMT
server: AmazonS3
x-timer: S1690497395.913133,VS0,VE0
etag: "23fd6bc627e1f80544a173529f6c0abc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 20IPOPP-LHgPz2jF0Ol30SqS7QgTJOXsGvlKAmpauBDpL4IOseRg_w==
x-cache-hits: 1607

GET
H2 200 feed-card-placeholder.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 47ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Rbw.KtFFcl6891f7eSW7toOHxnX5YFQk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: MRKWFTPG4AR037SA
age: 10050
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: WLiNX8QI5Yu1U9Y2yjkAPfROGkqBe1CD6/fohI5Xnij6MTs+8ay4u7Z4hK2t4KrsmyXQnsy2w/Q=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:49:05 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.901491,VS0,VE0
etag: "d72141d67c328c0ef8b577abb34b370d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 86
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 8651

GET
H2 200 userx.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 47ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bvuGEg9hoMWlO.GRq5jfKUZQBgoyuWtQ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: F8S4JZWX7SA8800S
age: 10022
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: +/eOg4Fr8ay2FfC+odeg72S1ZnfLBuu7XJdfYvykFr9c02bsNCrByjCjT/+K2v+8kqB6h3Dm5Pk=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:49:34 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.905311,VS0,VE0
etag: "fb1f0beee9fcbe2ba80b90fb585a8044"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 23
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1151

GET
H2 200 explore-more.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 46ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pSp4cz5yBLvYhz4W1vhjVY7CNkf7uUNo
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: 642J23KQWC7ZPARJ
age: 10051
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8777
x-amz-id-2: pFlOprxe11WsJhN8e+E1g2b25yO5oOkUzEeWze9/VfWz+yH8NyXNOLWOK+cN2HEx5ANjCZErnEg=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:49:04 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.921445,VS0,VE0
etag: "edf758b47d6a232675d6fc2d5521396c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5259

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 407ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=22%3A36%3A34.860&id=769&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 407ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1690497394861%7D&tim=22%3A36%3A34.861&id=2984&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 406ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690497394867%7D&tim=22%3A36%3A34.868&id=2381&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 406ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A36%3A34.899&id=1732&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 405ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A36%3A34.902&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=7239&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76610

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
91 B 404ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A36%3A34.904&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=444&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76610

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 122ms
119ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A36%3A34.910&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=9492&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76584

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 122ms
120ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A36%3A34.949&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2080&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76584

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 123ms
120ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A36%3A34.958&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2353&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76584

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 46ms
45ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:34 GMT
x-amz-request-id: 059ZEMN3RJ2RVDH8
age: 116
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by: cache-lis1490054-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.986823,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 99
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 48

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 20 KB
7 KB 379ms
379ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=22%3A36%3A34.980&route=AM:IL:V&lti=deflated&data=%7B%22id%22%3A221%2C%22ii%22%3A%22%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA%22%2C%22ui%22%3A%22a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2%22%2C%22uifp%22%3A%22a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2%22%2C%22lbt%22%3A1690487230568%2C%22vi%22%3A1690497394345%2C%22cv%22%3A%2220230727-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22vpi%22%3A%22%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4120%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A910%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ce1008fa4dd191756f6b02cf1f42a3e933eee8796ebccd67d7564d85e04a859b

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 334
date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 107666
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490054-LIS
server: nginx
x-timer: S1690497395.003777,VS0,VE334
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 40 KB
40 KB 58ms
57ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c2aae51eadfcac5140a0b7eced1b25f1836855b465997e039fc7e9647b98ff2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_585%2Cw_780%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
age: 802814
edge-cache-tag: 551899590818595054600822573868099260938,457773173688262832995303362398680601265,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551899590818595054600822573868099260938,457773173688262832995303362398680601265,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 604
req-referer: https://tvhistoria.com.br/
content-length: 40476
x-request-id: 9b6aaee0f285c5b7aa83f0af85769e9d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000101-IAD, cache-iad-kcgs7200031-IAD, cache-lga21928-LGA, cache-iad-kcgs7200067-IAD, cache-lis1490054-LIS
last-modified: Tue, 18 Jul 2023 15:06:49 GMT
server: nginx
x-timer: S1690497395.020273,VS0,VE1
etag: "6acd1a1e2337787030069f473de256aa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 46 KB
47 KB 45ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e6bd9cf799ddb4e4867ebbd8eda5ebb6de73f8a2adb0e7f01e238cd4e566cfd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
age: 795091
edge-cache-tag: 551899590818595054600822573868099260938,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551899590818595054600822573868099260938,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 659
req-referer: https://www.fcporto.ws/
content-length: 47410
x-request-id: a3b3bfaebf707f591e391afb3cbdb8ec
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000116-IAD, cache-iad-kcgs7200030-IAD, cache-sna10738-LGB, cache-iad-kjyo7100100-IAD, cache-lis1490054-LIS
last-modified: Tue, 18 Jul 2023 15:06:49 GMT
server: nginx
x-timer: S1690497395.020355,VS0,VE0
etag: "9b3a046ea2b85286e46798e36a383a84"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 2

GET
H2 200 alzheimer.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/ 15 KB
16 KB 70ms
70ms Image
image/jpeg 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/alzheimer.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d04273e6e9b7f70c435216290cf89b73705f3d6776f029fb7381b4b9f9412712

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/alzheimer.jpg
age: 101997
edge-cache-tag: 553835927522820360324453143143372861372,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 553835927522820360324453143143372861372,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
content-length: 15316
x-request-id: bc8d2ca3a35ed2c0e81786646579fdce
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kiad7000065-IAD, cache-iad-kcgs7200176-IAD, cache-lis1490054-LIS
last-modified: Tue, 25 Jul 2023 19:50:21 GMT
server: cloudinary
x-timer: S1690497395.023372,VS0,VE1
etag: "7c0048a1a205c303ad8559eb46e5dd42"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 599d7f4384d9e2beedbc53947394621a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 9 KB
10 KB 46ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/599d7f4384d9e2beedbc53947394621a.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0206609580036d8f0b5f32b836445fb52c6dadb24723714c4fb9fbfd5abe269c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/599d7f4384d9e2beedbc53947394621a.jpg
age: 1476384
edge-cache-tag: 631235887231071700323251432697040904720,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631235887231071700323251432697040904720,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 91
req-referer: https://www.lefigaro.fr/faits-divers/paris-arrete-pour-ivresse-la-police-reconnait-le-suspect-d-un-meurtre-20230710
content-length: 9234
x-request-id: ae9f002916b23ea88530ecb14c25ee79
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100053-IAD, cache-iad-kiad7000140-IAD, cache-sna10732-LGB, cache-iad-kiad7000032-IAD, cache-lis1490054-LIS
last-modified: Mon, 10 Jul 2023 20:30:11 GMT
server: nginx
x-timer: S1690497395.073564,VS0,VE1
etag: "36509a4947c70b8aa8d1575f6596aea4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 4, 1

GET
H2 200 postura-sentada.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/ 12 KB
13 KB 48ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/postura-sentada.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3731201e9605be2a0c37762908a089ce4e22e1276209497ff198fc2d6e8bbaa8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/postura-sentada.png
age: 3460372
edge-cache-tag: 377596553409262504531769922173813070332,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 377596553409262504531769922173813070332,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 187
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://topgentlemen.com/
content-length: 12160
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000141-IAD, cache-iad-kcgs7200170-IAD, cache-sna10745-LGB, cache-iad-kcgs7200158-IAD, cache-lis1490054-LIS
last-modified: Tue, 13 Jun 2023 11:45:13 GMT
server: nginx
x-timer: S1690497395.095466,VS0,VE1
etag: "d1fd32d6082783984496e1265701e8a9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 7e3a63bf-2e35-450a-8bce-964a5da694b6__mCPmc8Df.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 17 KB
17 KB 51ms
50ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/7e3a63bf-2e35-450a-8bce-964a5da694b6__mCPmc8Df.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1855b233011b7815f72ae2d9871b5b8dd995fd86c43937a516782f43a4b03850

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/7e3a63bf-2e35-450a-8bce-964a5da694b6__mCPmc8Df.jpg
age: 301307
edge-cache-tag: 310326216237178720098192941328349951601,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310326216237178720098192941328349951601,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 132
expiration: expiry-date="Mon, 07 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://jovempan.com.br/
content-length: 16960
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200144-IAD, cache-iad-kiad7000103-IAD, cache-chi-kigq8000147-CHI, cache-iad-kiad7000022-IAD, cache-lis1490054-LIS
last-modified: Fri, 07 Jul 2023 22:35:59 GMT
server: nginx
x-timer: S1690497395.095691,VS0,VE1
etag: "167f80f227b1856681b0603a4aeed717"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 c59ba3f9-37f3-41d2-a84d-5f202edfdf9f_1000x600.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/images/ 27 KB
28 KB 48ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/images/c59ba3f9-37f3-41d2-a84d-5f202edfdf9f_1000x600.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 92f34307c9aa2d9c285ecdb1eaa33f006aadb4c34ba4e305514f60b9f3574d50

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/images/c59ba3f9-37f3-41d2-a84d-5f202edfdf9f_1000x600.jpeg
age: 3466473
edge-cache-tag: 435567772156701355052449828181938208725,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 435567772156701355052449828181938208725,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 572
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abola.pt/
content-length: 27566
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200069-IAD, cache-iad-kiad7000100-IAD, cache-sna10743-LGB, cache-iad-kiad7000115-IAD, cache-lis1490054-LIS
last-modified: Thu, 15 Jun 2023 13:21:45 GMT
server: nginx
x-timer: S1690497395.120191,VS0,VE1
etag: "95b4e770f0e50adfab58f22190953789"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 11, 1

GET
H2 200 f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 54 KB
55 KB 45ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a4d717e4a3db30d082da88e16c3e4a17f62f27efcd2a23d1a4e36de8011981dc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
age: 804585
edge-cache-tag: 551899590818595054600822573868099260938,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551899590818595054600822573868099260938,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 343
req-referer: https://beleza.umcomo.com.br/
content-length: 55420
x-request-id: aa31c916fc6309f865e993190d3ee80f
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kiad7000027-IAD, cache-sna10744-LGB, cache-iad-kcgs7200063-IAD, cache-lis1490054-LIS
last-modified: Tue, 18 Jul 2023 15:06:50 GMT
server: nginx
x-timer: S1690497395.127882,VS0,VE0
etag: "309cb0f33421d6166bbfa50c84cf557f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 4

GET
H2 200 postura-sentada.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/ 12 KB
13 KB 46ms
46ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/postura-sentada.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cb982f3208ae1f48716dcc0a8129eb03aa8579bac839f29e4a3c3b0d8be3848f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/postura-sentada.png
age: 1063750
edge-cache-tag: 377596553409262504531769922173813070332,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 377596553409262504531769922173813070332,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 201
req-referer: https://www.fcporto.ws/
content-length: 12346
x-request-id: 85c6304e58c2fc47a822a4c9d95cc1ed
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200085-IAD, cache-iad-kjyo7100068-IAD, cache-sna10740-LGB, cache-iad-kjyo7100092-IAD, cache-lis1490054-LIS
last-modified: Wed, 21 Jun 2023 07:37:46 GMT
server: nginx
x-timer: S1690497395.144043,VS0,VE1
etag: "fa734a931dc31f6cebf2368eda06c8cb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 5, 1

GET
H2 200 alzheimer.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/ 22 KB
23 KB 48ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/alzheimer.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3619de6dd28979bd9795dae9f2c1a1d85b6e5d16e25215bcaad590a48ded4b32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2019/02/alzheimer.jpg
age: 1786188
edge-cache-tag: 553835927522820360324453143143372861372,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 553835927522820360324453143143372861372,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 270
expiration: expiry-date="Tue, 18 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://indeedfinance.com/
content-length: 22410
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100045-IAD, cache-iad-kjyo7100074-IAD, cache-lga21946-LGA, cache-iad-kiad7000030-IAD, cache-lis1490054-LIS
last-modified: Sat, 17 Jun 2023 17:30:01 GMT
server: nginx
x-timer: S1690497395.146866,VS0,VE1
etag: "6407e569010adbf65f119f83e03db13e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 1

GET
H2 200 599d7f4384d9e2beedbc53947394621a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 21 KB
22 KB 559ms
559ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/599d7f4384d9e2beedbc53947394621a.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5263acb14521ee14316b49899c641ca2472c42c3c35c84d547a8e8cd98ed37d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 513
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/599d7f4384d9e2beedbc53947394621a.jpg
age: 229651
edge-cache-tag: 631235887231071700323251432697040904720,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631235887231071700323251432697040904720,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, MISS, MISS
x-envoy-upstream-service-time: 394
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bg3.co/
content-length: 21700
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100053-IAD, cache-iad-kiad7000140-IAD, cache-lga21925-LGA, cache-iad-kiad7000026-IAD, cache-lis1490054-LIS
last-modified: Mon, 10 Jul 2023 20:30:11 GMT
server: nginx
x-timer: S1690497395.171823,VS0,VE513
etag: "36509a4947c70b8aa8d1575f6596aea4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 0

GET
H2 200 next-up-widget.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 53ms
53ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nMqKc8v0vasvRXiFyFw2y4RhxFsWjEzR
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:35 GMT
x-amz-request-id: YPTQA7H0CSQMW4WD
age: 10041
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: 5M6O/uf07DqX2MeewIwa5MwMxYgpMfBwjknfyJclho1DrYV7xZ0S2r/QeoDPHZcBkurlaRWGRdM=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:49:14 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.041244,VS0,VE0
etag: "0e2e4a56e106f372a41c750ae738705f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 2362

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
569 B 287ms
86ms Script
text/javascript 23.53.42.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 471ms
289ms Script
text/plain 13.32.145.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MDQ5NzM5NF8xXzcxZmZiMjZjZGYwZQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.145.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-145-27.cdg50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Jul 2023 22:36:35 GMT
Via: 1.1 a1968deaa8ed5b7509e3f95848e4d7ec.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: CDG50-C2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: ZWX70jZUG_8iJF0Np-0Tw0XlBG_43KuOdD3zrUXbBVhnx5KsnBbAEQ==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 124ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22420.140625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A36%3A35.069&id=8916&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 123ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1408%7D%22%2C%22eventTime%22%3A1690497395070%7D&tim=22%3A36%3A35.071&id=6744&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 123ms
120ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A36%3A35.083&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6772&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76584

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 261ms
92ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 21:28:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jul 2023 22:36:35 GMT

GET
H2 200 spa-detector.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 46ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F_4i._8q7f.Kc5Co4t0Pr9x_B1OIqF5C
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:35 GMT
x-amz-request-id: 2PW2AB061D9DWJZW
age: 10035
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: O2HeNB9E7CvNSTRskaw1RMunIeCyHPeNaIzwUANwEoP9c31NGrAG3VAU6/11OCYH/xv/Raz8kNk=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 19:49:21 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690497395.126066,VS0,VE0
etag: "3e9c41a418b54e4c6ddf043af9a9362b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 5410

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 123ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A36%3A35.098&id=9225&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 125ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1690497395099%7D&tim=22%3A36%3A35.099&id=874&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 124ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=22%3A36%3A35.101&id=2589&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 125ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=709469f4970641b642c2660d9dce7906&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497394_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1690497395103%7D&tim=22%3A36%3A35.103&id=3993&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame C0C9 93 KB
32 KB 299ms
132ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

2dd0e8ef48f516bb1a89fb09bae7538cec2367bd467b174e8efcb1434b0829b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32916
x-xss-protection: 0
server: cafe
etag: 5575143539466304804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:35 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 2F79 93 KB
32 KB 348ms
183ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7a12798fc8cad05d8b1a0d653eb4184a15501b69a016bc09b466f126955563d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32922
x-xss-protection: 0
server: cafe
etag: 14289312287856852251
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:35 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 25AE 714 B
780 B 58ms
57ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 8247
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ed85cafda9b03ae-LIS
content-encoding: br
content-type: text/html
date: Thu, 27 Jul 2023 22:36:35 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbiv2jpW3yp7xbY%2BivlKzkjXAXpBUNV1UxhX8WVaCrnKC63HaFODK6Kd1oCjv3Myw2R8%2B8UO2ZzlSqHs%2Fc2XDyZ2%2Fk%2FasTCJHaYr2pn%2BTuZnpolXTdOdhGQSutX6ZBGrEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 8401
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

287ms
105ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jul 2023 22:36:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 448ms
153ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 249ms
85ms Ping
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=9745&cid=amp-kDMRU_huGi93d-98PRhpGA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&dr=&dt=AI%E6%90%B6%E9%A3%AF%E7%A2%97%EF%BC%81%E9%99%B8%E4%BC%81%E7%84%A1%E9%99%90%E6%9C%9F%E7%B5%82%E6%AD%A24%E9%A1%9E%E8%81%B7%E5%8B%99%E3%80%80%E8%82%A1%E5%83%B9%E5%8F%8D%E6%BC%B2%E9%80%BE1%E6%88%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1690497395&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame AF3D 714 B
743 B 55ms
54ms Document
text/html 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 8247
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ed85cafeaa903ae-LIS
content-encoding: br
content-type: text/html
date: Thu, 27 Jul 2023 22:36:35 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh5KI8bCR%2Bp%2Bzf5RddEplqWky05k18wMVsv1pOZGx8KUG4HaoMzj35TIZF5CmvtjmACNZHSwVR5gFbA2%2FYAEE8o2cMmAScnhr3h8GYmY%2Fy2x3oUBJC%2BbVr0CgT%2BXOU842Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9D82
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

269ms
87ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jul 2023 22:36:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 240ms
79ms Ping
text/plain 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-kDMRU_huGi93d-98PRhpGA&aip=1&sid=1690497395&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
159 B 252ms
86ms Image
image/gif 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=AI%E6%90%B6%E9%A3%AF%E7%A2%97%EF%BC%81%E9%99%B8%E4%BC%81%E7%84%A1%E9%99%90%E6%9C%9F%E7%B5%82%E6%AD%A24%E9%A1%9E%E8%81%B7%E5%8B%99%E3%80%80%E8%82%A1%E5%83%B9%E5%8F%8D%E6%BC%B2%E9%80%BE1%E6%88%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-kDMRU_huGi93d-98PRhpGA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.43163754222761064&gjid=0.08274217609359891&_r=1&a=9745&z=0.2502421417133913&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1209692558;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3b...
pixel.quantserve.com/ 35 B
373 B 87ms
85ms Image
image/gif 91.228.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1209692558;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-817092361-1690497394819;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1690497395199;tzo=0;ogl=;ses=99f3a7c3-62e0-4d72-bcde-480bed895adb;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 6 KB
7 KB 47ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 78637d8a0d7809148efe84bbe2ba7bb712860fe6f5eeba55e0e442c220dc8841

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f85f7707-22e5-4bab-b591-d834e0b2afad__KhYtpl6m.jpg
age: 799129
edge-cache-tag: 551899590818595054600822573868099260938,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551899590818595054600822573868099260938,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 487
req-referer: https://blogdonc.com/
content-length: 6096
x-request-id: 38767632f622efa0f643a10abea6b938
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100122-IAD, cache-iad-kiad7000068-IAD, cache-sna10751-LGB, cache-iad-kjyo7100145-IAD, cache-lis1490054-LIS
last-modified: Tue, 18 Jul 2023 15:06:49 GMT
server: nginx
x-timer: S1690497395.391251,VS0,VE0
etag: "231a49a7481fdc5ad8a53a1cbd6d755c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 10

GET
H2 200 postura-sentada.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/ 3 KB
3 KB 49ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/postura-sentada.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e612f9a6f5ff5b150d727c789dade906a7a2ef57b85814a92c0b4ccc61eef230

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content-cdn.conselhosetruques.com/2018/10/postura-sentada.png
age: 501685
edge-cache-tag: 377596553409262504531769922173813070332,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 377596553409262504531769922173813070332,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 531
req-referer: https://pt2.goodtoknowthis.com/
content-length: 2814
x-request-id: 26f453d804c40199feb854dcd2245877
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100021-IAD, cache-iad-kjyo7100162-IAD, cache-chi-kigq8000090-CHI, cache-iad-kjyo7100133-IAD, cache-lis1490054-LIS
last-modified: Wed, 21 Jun 2023 07:37:46 GMT
server: nginx
x-timer: S1690497395.390867,VS0,VE2
etag: "2457f0cd29edc7a2bc4191e92b982f56"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 5, 1

GET
H2 200 599d7f4384d9e2beedbc53947394621a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 382ms
381ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/599d7f4384d9e2beedbc53947394621a.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ab4c3e8f250e3a7606463a9275be9ba303d52d59623fadabbcb0136cae779218

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 336
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/599d7f4384d9e2beedbc53947394621a.jpg
age: 0
edge-cache-tag: 631235887231071700323251432697040904720,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 631235887231071700323251432697040904720,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time: 224
expiration: expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bg3.co/
content-length: 4520
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100059-IAD, cache-iad-kcgs7200170-IAD, cache-lga21968-LGA, cache-iad-kjyo7100020-IAD, cache-lis1490054-LIS
last-modified: Tue, 11 Jul 2023 18:27:47 GMT
server: nginx
x-timer: S1690497395.390952,VS0,VE336
etag: "7551fcdb3a06d734954e2bd5f40bd655"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 25AE 81 KB
27 KB 138ms
137ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

fb1da1d908f70c6a28aa09f306ace4b641b5ec61b80b3ff947c8f2631d3fe7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27619
x-xss-protection: 0
server: cafe
etag: 734 / 19565 / m202307200101 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:35 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame AF3D 81 KB
27 KB 241ms
241ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

279dff66fa9d2af3092f611485ee499aeb9bfe66a24c00f99bcb1135797371ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27647
x-xss-protection: 0
server: cafe
etag: 300 / 19565 / 31076565 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:35 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6DEF 603 B
536 B 411ms
241ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4624860052522027393&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2670&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=9398009745&ga_cid=amp-kDMRU_huGi93d-98PRhpGA&ga_hid=9745&dt=1690497394722&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&bdt=1059&dtd=9&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:35 GMT
expires: Thu, 27 Jul 2023 22:36:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 121ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=22%3A36%3A35.387&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=4724&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 76584

GET
H2 200 st Show response
imprammp.taboola.com/ Frame D691 577 B
503 B 91ms
90ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1690497395407&uv=140669607&tms=1690497395407&abt=dfrc_vB!nonrv_vA!t45!ufm_vD!ul140669-607_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=a5099341-1827-408c-91bc-9aa342860f92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff8d6ec5927e17f6354816bfeccb48856b23869c06f91c0a70f48ef6b3d15043

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 27 Jul 2023 22:36:35 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490054-LIS
x-timer: S1690497395.431959,VS0,VE44

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E551 577 B
664 B 280ms
85ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: ff8d6ec5927e17f6354816bfeccb48856b23869c06f91c0a70f48ef6b3d15043

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 27 Jul 2023 22:36:35 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
831 B 118ms
117ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690497395413&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1536&pt=-2017539368&tz=0&viewable=true&ddast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=dfrc_vB!nonrv_vA!t45!ufm_vD!ul140669-607_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 561a5bbef435b3225bcfc01da06de59c4ca0cb94f4f9eb0210b4f6c7c467524b

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1408
x-cache: MISS
x-served-by: cache-lis1490054-LIS
pragma: no-cache
server: nginx
x-timer: S1690497395.436141,VS0,VE72
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
45 B 279ms
83ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&cmcv=&pix=31589837&cb=1690497395407&uv=140669607&tms=1690497395407&abt=dfrc_vB!nonrv_vA!t45!ufm_vD!ul140669-607_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690497392175.4!ts:1690497395407&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-length: 0
server: nginx

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 123ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=IL:IL:V&lti=deflated&ri=f002a3f4664d092cd1fc8afaf4207128&sd=v2_ca582b6d6623171b21e9ab824d0271fc_a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2_1690497394_1690497395_CNawjgYQ2YJdGKnN_MuZMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&pi=/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&wi=1010942667291196277&pt=text&vi=1690497394345&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1690497395427%7D&tim=22%3A36%3A35.427&id=4571&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 3b0b6763c8d0dd3056864aa4c77dbadf.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
41 KB 49ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b0b6763c8d0dd3056864aa4c77dbadf.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 43a31b0f62b97c29c5c8b76b0d8f0afd3160d6c4ea2546b8705cd5278b963a57

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b0b6763c8d0dd3056864aa4c77dbadf.jpg
age: 5821028
edge-cache-tag: 330013999128033129226502546874935688521,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 330013999128033129226502546874935688521,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 196
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.conselhosetruques.com/
content-length: 41356
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000092-IAD, cache-iad-kjyo7100021-IAD, cache-sna10725-LGB, cache-iad-kiad7000040-IAD, cache-lis1490054-LIS
last-modified: Thu, 11 May 2023 16:13:37 GMT
server: nginx
x-timer: S1690497395.470832,VS0,VE1
etag: "0854718b5353f3107421d5512dbf739f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 242, 1

GET
H2 200 8e4becd774_1000x600_ee08918e001576ddaacbf2d13a40f633.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 34 KB
35 KB 47ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/8e4becd774_1000x600_ee08918e001576ddaacbf2d13a40f633.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 562d05a4489dcc4a637846701a691461ec04f4336cf49268b0dd36641c13a994

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/8e4becd774_1000x600_ee08918e001576ddaacbf2d13a40f633.png
age: 1490759
edge-cache-tag: 587478114239587808008664481818576163356,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 587478114239587808008664481818576163356,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 542
expiration: expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hoerzu.de/
content-length: 35092
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200145-IAD, cache-iad-kjyo7100071-IAD, cache-sna10746-LGB, cache-iad-kjyo7100030-IAD, cache-lis1490054-LIS
last-modified: Tue, 04 Jul 2023 07:43:17 GMT
server: nginx
x-timer: S1690497395.476538,VS0,VE0
etag: "6c19865d5efe2ee83d2cf0a4e3012018"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 4, 2

GET
H2 200 d4b9209e7d63263720e36728567c8951.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 47ms
46ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4b9209e7d63263720e36728567c8951.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e9bb587429f7fd30586388a4940d422ccd4c7fcd668c92b20721955cec890f64

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4b9209e7d63263720e36728567c8951.jpg
age: 1050215
edge-cache-tag: 310259315094488489446195637404696084580,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 310259315094488489446195637404696084580,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, MISS, HIT
x-envoy-upstream-service-time: 252
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://onsalus.com.br/
content-length: 6820
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000120-IAD, cache-iad-kiad7000151-IAD, cache-sna10729-LGB, cache-iad-kcgs7200043-IAD, cache-lis1490054-LIS
last-modified: Thu, 15 Jun 2023 16:09:14 GMT
server: nginx
x-timer: S1690497396.523307,VS0,VE1
etag: "f2b13d259abf73c8c587d1d5fec3f87b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 0, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 60 KB
60 KB 48ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 3231320
edge-cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 312
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 61196
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200088-IAD, cache-lga21939-LGA, cache-iad-kcgs7200146-IAD, cache-lis1490054-LIS
last-modified: Tue, 06 Jun 2023 14:49:00 GMT
server: nginx
x-timer: S1690497396.526894,VS0,VE1
etag: "41f70f4e09383f37d26f3a047e8d7fbc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 873, 1

GET
H2 200 4bcdfa5386b9cf5577a4b6ab0ff3b70a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 571ms
571ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4bcdfa5386b9cf5577a4b6ab0ff3b70a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8fe4254eee235986d86e2f3a19fe44dc4f2ba672325928ff6db23b5b0fcf9cf0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 524
date: Thu, 27 Jul 2023 22:36:36 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4bcdfa5386b9cf5577a4b6ab0ff3b70a.png
age: 810629
edge-cache-tag: 298361385067944133125910480563562151104,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 298361385067944133125910480563562151104,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, MISS, MISS
x-envoy-upstream-service-time: 351
expiration: expiry-date="Thu, 10 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.bg3.co/
content-length: 31222
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200178-IAD, cache-iad-kcgs7200027-IAD, cache-sna10732-LGB, cache-iad-kjyo7100024-IAD, cache-lis1490054-LIS
last-modified: Mon, 10 Jul 2023 21:38:13 GMT
server: nginx
x-timer: S1690497396.569977,VS0,VE524
etag: "deede39b6629657080dba67aa4a61f57"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 0

GET
H2 200 8abb57a8c411c5a1aed9eca508c5df36.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 45ms
45ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8abb57a8c411c5a1aed9eca508c5df36.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba09039ddead4e5786e8ac622b4429213a762d0ae478c53e593f1f5ded1b035

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8abb57a8c411c5a1aed9eca508c5df36.png
age: 1999112
edge-cache-tag: 596152738974232433136982050560916467521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 596152738974232433136982050560916467521,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 94
req-referer: https://ensedeciencia.com/
content-length: 4732
x-request-id: 824a3ba19037d84d00a0f6b56ddaa3c6
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000144-IAD, cache-iad-kjyo7100125-IAD, cache-chi-klot8100166-CHI, cache-iad-kiad7000049-IAD, cache-lis1490054-LIS
last-modified: Thu, 29 Jun 2023 02:46:12 GMT
server: nginx
x-timer: S1690497396.580629,VS0,VE0
etag: "fc570d41e90305da0c3e5dad42e384e3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 49, 4

GET
H2 200 103772368__He4U8MMY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/ 6 KB
6 KB 46ms
46ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/103772368__He4U8MMY.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7868c4a497dcbf5f97d2f2e8de58d03262dfc59426eeeaa86a54b7f2e0ea190

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/BRX/103772368__He4U8MMY.jpg
age: 2038648
edge-cache-tag: 508987893383307915751944386471716665452,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 508987893383307915751944386471716665452,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 235
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tijdvoornieuws.nl/
content-length: 5856
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100030-IAD, cache-iad-kjyo7100029-IAD, cache-sna10751-LGB, cache-iad-kjyo7100081-IAD, cache-lis1490054-LIS
last-modified: Thu, 15 Jun 2023 03:28:54 GMT
server: nginx
x-timer: S1690497396.626414,VS0,VE1
etag: "8878c6e47000b3a77370220f99776ac6"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 5, 1

GET
H2 200 30cda7ae9a56d01fd5f733fd87930d46.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 53ms
52ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/30cda7ae9a56d01fd5f733fd87930d46.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e19921e661a3f7ff32392ef0f64cd6a3fa7eb69909250343b492129a31da445f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/30cda7ae9a56d01fd5f733fd87930d46.png
age: 4844684
edge-cache-tag: 539346482277381098645649032522976604516,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 539346482277381098645649032522976604516,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 246
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://abola.pt/
content-length: 49122
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100152-IAD, cache-iad-kcgs7200150-IAD, cache-sna10733-LGB, cache-iad-kcgs7200155-IAD, cache-lis1490054-LIS
last-modified: Thu, 11 May 2023 17:27:41 GMT
server: nginx
x-timer: S1690497396.641436,VS0,VE2
etag: "f09d6e684b21eb4a9485922c8783e81d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 2, 1, 17, 1

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 47ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7cccc6ea8a6d3415fbe065ea3f1b0a95d5b3100521269da9da1395c3794ebb23

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 3471283
edge-cache-tag: 535745196937353868742743497463140311808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 227
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://d-42562929523672204700.ampproject.net/2306202201000/frame.html
content-length: 36480
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kjyo7100053-IAD, cache-lga21976-LGA, cache-iad-kjyo7100029-IAD, cache-lis1490054-LIS
last-modified: Tue, 13 Jun 2023 07:42:28 GMT
server: nginx
x-timer: S1690497396.641444,VS0,VE1
etag: "b5860d3e7bbdde82ca9f71209ea9bbd1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3, 1, 169, 1

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ Frame 25AE 385 KB
122 KB 81ms
81ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:41:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10524
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Jul 2024 19:41:11 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 87ms
86ms Script
application/javascript 23.53.42.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Thu, 27 Jul 2023 22:36:35 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame AF3D 386 KB
123 KB 102ms
102ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:36:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10792
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Jul 2024 19:36:43 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D691 70 B
265 B 294ms
98ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1690497395407&uv=140669607&tms=1690497395407&abt=dfrc_vB!nonrv_vA!t45!ufm_vD!ul140669-607_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=a5099341-1827-408c-91bc-9aa342860f92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame D691 43 B
427 B 282ms
92ms Image
image/gif 99.81.57.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1690497395407&uv=140669607&tms=1690497395407&abt=dfrc_vB!nonrv_vA!t45!ufm_vD!ul140669-607_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=a5099341-1827-408c-91bc-9aa342860f92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.57.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-57-224.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E40F 281 B
554 B 276ms
99ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&cmcv=&pix=undefined&cb=1690497395407&uv=140669607&tms=1690497395407&abt=dfrc_vB!nonrv_vA!t45!ufm_vD!ul140669-607_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=a5099341-1827-408c-91bc-9aa342860f92&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jul 2023 22:36:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 2AA0 495 B
666 B 916ms
303ms Document
text/html 18.182.83.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.83.207 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-182-83-207.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Thu, 27 Jul 2023 22:36:36 GMT
etag: "64c22ce0-1ef"
last-modified: Thu, 27 Jul 2023 08:37:52 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3EA2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

172ms
88ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jul 2023 22:36:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 27 Jul 2023 22:36:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame C0C9 363 KB
124 KB 146ms
145ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9cab80f65f6d17fae9f2d787523ea7e4812c65feb9bdce929e95e7db1830d45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127311
x-xss-protection: 0
server: cafe
etag: 15083062684511579722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:35 GMT

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/140669_607/infra/ 889 KB
148 KB 1410ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/140669_607/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690461598
date: Thu, 27 Jul 2023 22:36:37 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 44EC5JC96E11FXAA
age: 35653
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690461598
x-amz-meta-mode: 33188
content-length: 150941
x-amz-id-2: M7cBeljAUAJ3tBlvmZ4rG9zd7PHCWWISY+mSjzzYfmA2uNw0q2vnR/FTsGke7SCAPMuWAzbmfTc=
x-served-by: cache-lis1490031-LIS
last-modified: Thu, 27 Jul 2023 12:39:59 GMT
server: AmazonS3-br
x-timer: S1690497397.010441,VS0,VE0
etag: "2653a0c8d7fe85b3a9f7075f29ed0624"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 519

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/140669_607/assets/css/ 60 KB
8 KB 46ms
45ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/140669_607/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690461627
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 44E8VTKFVZM99FN8
age: 35651
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690461628
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: wfXjnAvDJYtU79hS7CQbPHhYkNAsoVpn/Gbj6Qs4e3SSC5aJjrhf5/MQ0o6BsPJUFnu9OErZtFs=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 12:40:29 GMT
server: AmazonS3-br
x-timer: S1690497396.576151,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 2410

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
181 B 416ms
297ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H6CQYAV3DYR13NXA2XC5VEXX
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 27 Jul 2023 22:36:35 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ Frame 2F79 364 KB
125 KB 144ms
144ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076426

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

10fb0898c2e80ebaa07c36e7c940df62bb9a2bf84ee6fb1b9c62b70b453eff8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127856
x-xss-protection: 0
server: cafe
etag: 720419080188594196
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:35 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
254 B 692ms
155ms Fetch
application/json 3.233.155.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.155.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-155-22.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvYWlxaWFuZy1mYW4td2FuLWx1LXFpLXd1LXhpYW4tcWktemhvbmctemhpLTRsZWktemhpLXd1LWd1LWppZS1mYW4temhhbmcteXUtMWNoZW5nLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
873 B 456ms
455ms XHR
text/html 2.19.126.93
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvYWlxaWFuZy1mYW4td2FuLWx1LXFpLXd1LXhpYW4tcWktemhvbmctemhpLTRsZWktemhpLXd1LWd1LWppZS1mYW4temhhbmcteXUtMWNoZW5nLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.93 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-93.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 27 Jul 2023 22:36:36 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=363, ak_p; desc="469582_34634077_713004085_36889_1371_41_0_219";dur=1
content-length: 555
expires: Thu, 27 Jul 2023 23:36:36 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E551 70 B
266 B 107ms
97ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E551 43 B
426 B 96ms
93ms Image
image/gif 99.81.57.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.57.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-57-224.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2199 281 B
554 B 122ms
107ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jul 2023 22:36:35 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9D82 34 KB
10 KB 167ms
98ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 01:58:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12150
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 01:59:05 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8401 34 KB
10 KB 165ms
104ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 01:58:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12150
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 01:59:05 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 25AE 492 B
264 B 121ms
120ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4329693341180888&correlator=3804703573164637&eid=31075028%2C31061690&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690497395741&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=yn1e5xz1tz7x&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=938270222.1690497396&ga_sid=1690497396&ga_hid=1819150744&ga_fc=false&dlt=1690497395217&idt=484

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

eb75d359ea282665e5c39a43e3692dbe7eadeb5a6f75423b1fa7c0089cedae81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 25AE 15 KB
12 KB 135ms
134ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ff8362bf5a6da094bfeff210601df3fe4865c95056d56555b96ff18462b98943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11821
x-xss-protection: 0

GET
H2 200 container.html Show response
706ea89273d4f09bb9a949e5cb0e57fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C5D 6 KB
3 KB 283ms
84ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://706ea89273d4f09bb9a949e5cb0e57fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:35 GMT
expires: Fri, 26 Jul 2024 22:36:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame AF3D 492 B
265 B 117ms
117ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4147627743129487&correlator=3508340349028582&eid=31076399%2C31076565%2C44797800&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690497395777&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=uk0f7ccaybwh&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1525101397.1690497396&ga_sid=1690497396&ga_hid=1412112534&ga_fc=false&dlt=1690497395223&idt=532

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c3dd1c4c38c6dd45e5d7438ef5874f174322b270db4cfecb0be1c79f8f80888b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame AF3D 15 KB
12 KB 133ms
132ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

62899b42b71def804b0b1ecb58d25c00a9908e912968311422441a4f5a5072c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11892
x-xss-protection: 0

GET
H2 200 container.html Show response
98b16d71c5b57fda7649ac051107e49c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9FBE 6 KB
3 KB 292ms
88ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98b16d71c5b57fda7649ac051107e49c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:36 GMT
expires: Fri, 26 Jul 2024 22:36:36 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3EA2 34 KB
10 KB 98ms
98ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 01:58:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12150
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 01:59:05 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E40F 34 KB
10 KB 121ms
93ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 01:58:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12150
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 01:59:05 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2199 34 KB
10 KB 157ms
95ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2023 01:58:34 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12150
Connection: keep-alive
Content-Length: 10115
Expires: Fri, 28 Jul 2023 01:59:05 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C0C9 0
20 B 117ms
117ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.bg3.co&eid=44759926%2C44759837%2C44759875%2C31076342%2C44788442

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C0C9 0
20 B 119ms
118ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=4&sig=3&tms=200&eid=44759926%2C44759837%2C44759875%2C31076342%2C44788442

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 25AE 17 KB
7 KB 467ms
88ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:36 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame C0C9 379 B
416 B 92ms
91ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

0b297f12b2e58991faf5fe27973e438a679bdbaa42e28f062de20ff7b0a4c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame AD0F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169049...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

336ms
116ms

Document
text/html

18.66.192.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-59.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 16
content-length: 459
content-type: text/html
date: Thu, 27 Jul 2023 22:36:36 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
x-amz-cf-id: QPe34Sp76Z51kfyqwZgQWm74xm2n6nzcu1YnmQMedzzWe5VFcspo1w==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:36 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9D82 284 B
536 B 357ms
84ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame AF3D 17 KB
6 KB 441ms
98ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:36 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3EA2 284 B
536 B 426ms
85ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 8401 284 B
536 B 505ms
85ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 2F79 379 B
325 B 92ms
92ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

aa2f20b2eeb31a080bf389656e8106330860f9d87327d46e08148a9c570be765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame AE91
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169049...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

334ms
116ms

Document
text/html

18.66.192.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076426
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-59.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 16
content-length: 459
content-type: text/html
date: Thu, 27 Jul 2023 22:36:36 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
x-amz-cf-id: s4eUrQcdtH6v81jd_IhJGCE1ABhKrGmOvT-u76HjJvnDo9vbcSj-zg==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:36 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2F79 15 KB
11 KB 133ms
133ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

6f2c1824bd77fb29ea2311f2bf4f55d96a04eb241972816bd3390aab44b99eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11712
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E40F 284 B
536 B 534ms
81ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2199 284 B
536 B 544ms
84ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
336 B 232ms
231ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=20
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 143
date: Thu, 27 Jul 2023 22:36:36 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 107881
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490054-LIS
pragma: no-cache
server: nginx
x-timer: S1690497396.075930,VS0,VE143
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
737 B 46ms
45ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 27 Jul 2023 22:36:36 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 8012
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490054-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1690497396.110069,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 772

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 101ms
100ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b43c7d9a0574711bb94366bfda9c7e470d99193abb002225050d2f61c402ee6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jul 2023 22:36:36 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2F79 17 KB
6 KB 287ms
122ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:36 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 204ms
75ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=9745&cid=1360509579.1690497396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690497396&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&dt=AI%E6%90%B6%E9%A3%AF%E7%A2%97%EF%BC%81%E9%99%B8%E4%BC%81%E7%84%A1%E9%99%90%E6%9C%9F%E7%B5%82%E6%AD%A24%E9%A1%9E%E8%81%B7%E5%8B%99%E3%80%80%E8%82%A1%E5%83%B9%E5%8F%8D%E6%BC%B2%E9%80%BE1%E6%88%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 3EA2 0
239 B 1067ms
214ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC8D 13 KB
5 KB 79ms
78ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F8D 783 B
1 KB 271ms
93ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

eafe6cacc6fab72984bf69d327dafaa26386aa8597a2bbe573ecc134583d9246

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oSb32Ivgz9hnRX7x80ic-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-oSb32Ivgz9hnRX7x80ic-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:36 GMT
expires: Thu, 27 Jul 2023 22:36:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE88 13 KB
5 KB 79ms
78ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0EA 783 B
737 B 248ms
94ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

c15bc7cbd5ecddc091d50aebbb17b0635385c9a4fad3ed5ec37224ac201b5e39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k9VMihQCt4a0sdW13IwPOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-k9VMihQCt4a0sdW13IwPOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:36 GMT
expires: Thu, 27 Jul 2023 22:36:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E97A 13 KB
5 KB 79ms
78ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 312
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9C96 783 B
738 B 235ms
94ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

fbc4ea0dde0f8103b44061a4467419cf02883efc0143baa419a691eb101a46e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rcxd3M4n_V27lBl6Rhm3Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Rcxd3M4n_V27lBl6Rhm3Vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:36 GMT
expires: Thu, 27 Jul 2023 22:36:36 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 2AA0 0
269 B 304ms
304ms Script
text/plain 18.182.83.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.83.207 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-182-83-207.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:36 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame CC8D 37 KB
14 KB 83ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame FE88 37 KB
14 KB 83ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame E97A 37 KB
14 KB 83ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame AD0F 31 KB
10 KB 180ms
58ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10052
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame AE91 31 KB
10 KB 189ms
67ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10052
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC8D 0
10 B 80ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?l5HciQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F8D 0
0 118ms
118ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=4329693341180888&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9C96 0
0 118ms
118ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=724061171302865&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0EA 0
0 118ms
118ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=4147627743129487&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE88 0
10 B 79ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tdSAZA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E97A 0
10 B 79ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iZRIWg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame AD0F
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

57ms
56ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8877
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDVXrSQ1NzjKTQVYXaJCkBmqndoGlJsA5Wu%2BP0aAbhr6nTPtTg3vSgMpI%2FkesHEAaD0cadDiB%2Fk78SLFLVfdFs8%2BOcbPJCarTuGepL5r6jCFn%2FdozjE6JSsW%2BJtmeBspxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ed85cbdec2c03ae-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame AE91
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

147ms
147ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8877
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p43oAQR6uB%2FYbL7yzyEamGLaw7l0cUjjAL94vUP1yRzWk%2BsPCNgFHC8aW%2Fh5okTJv0Yyck3huNGOl0hWV%2BOKumfWAiZT1Q8KQ6pzFAb5VepeSxLb8iNtvby6BqeR55ccCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ed85cbdec2e03ae-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 27 Jul 2023 22:36:36 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 2858
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490054-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1690497397.877057,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 30
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 349856

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 295ms
45ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490031-LIS
date: Thu, 27 Jul 2023 22:36:37 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/140669_607/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 1336919
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490054-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1690497397.283491,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 37866

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/ 446 KB
84 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/140669_607/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690439347
date: Thu, 27 Jul 2023 22:36:37 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: A3N10TATEMVHA5QR
age: 57968
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690439362
x-amz-meta-mode: 33188
content-length: 85839
x-amz-id-2: YpLsidS2POsIKt23Ufq53o+kIa+03QWIhvzNyWX5RqYAx9tb3V1X7ZUuAJ8mMhdUUbsPS9EPyeA=
x-served-by: cache-lis1490054-LIS
last-modified: Thu, 27 Jul 2023 06:29:23 GMT
server: AmazonS3-br
x-timer: S1690497397.303805,VS0,VE0
etag: "b33cf048d4d632bd93b30c09e2201e4c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 22305

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 0B7C 422 B
517 B 87ms
87ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/140669_607/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 523472fc73c3969e82d48016b529185a6c5601c65d8db79aec71ed2849f8f2ed

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 27 Jul 2023 22:36:37 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 87ms
86ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&cmcv=&pix=31579697&cb=1690497397285&uv=140669607&tms=1690497397285&su=3&abt=dfrc_vB!nonrv_vA!t45!ufm_vG!ul140669-607_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
content-length: 0
server: nginx

GET
H2 204 / Show response
cds.taboola.com/ 0
83 B 433ms
139ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Jul 2023 22:36:37 GMT
cache-control: no-store
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 63ms
45ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 27 Jul 2023 22:36:37 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 931558
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490054-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1690497397.364543,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 73848

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 25AE 0
0 120ms
119ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=4329693341180888&bg=!S0ilSBzNAAZGOVy5Zjk7ADkAdvg8WgQlb2cmaza79H1V_tx3qseOgN1aRoAkVTKdCIuFQ0mG79BzrxB7Dk7uNP3RV3aSyelKJ70CAAAAvFIAAAAJaAEHCgCRrGnpNsXBj0hAGv65d7mzv648AW1o_JqQgjuU7_xFP3QOE203aUp7Dxod7apQapdnYrMbWoeK39NuNAuYiKYsoQqjJJiOfP50bjzk515D1Z2T4gW_hVav3rr1iz2ievRcCdBuQBRCP8W2O7w2sUdGkBhEZIJubacjhRtNArxaDsjHaaN9B_tMxSHQqxCXgcF_15kC03gb2ahpVWKZpdk9XRkOm9ZaphnJcntJ2hjUutKm-2i15_osILJSJKuXhUgN67nlRMrbDzNLIPd7QqvgOt6mrSNMiF4bC2cpww9oTg1riG25P0bEyTMCqswKIDdjGF9VQoAJyqr6odNlVfS_iSYntq7Le7UcPBiv9GcCLnAQRJ_JdzLv_ZWMdVOlF_dN469tTnnyr6jo7ruQcl3x7YZFk7wQ2ybRYeiEIR74qCYTPkwnxlnnpUsBwq0Uf6SnEVmfXe8fYu8fMJVuBygl5v0P9GtfWSInOyHH_Vbyfo-nYZ1w7N_4WkVvFEX497ZmLbegrvpZx71vu54MhyiRwvvgVZ3lp5joWc_SnuaHsLompeM-RZfJihRa3qHozAd3ccg5pdAshJdmZ-ebgDwG2obs767gZ0BiwHrjr2g7DkC69QFH3L39_W16Nf5VNzA8BcoTN2WJkNkWELKXbnpeus01dFxx36fSRaV7D_IXBiuyH4w0vvgpxIoAsgzIPM1uDCJ84E34eiCfZZtFkzyyIS7HFCPaocySpCiyNvb-L27Ap6LY4PyMDx83HHdOgXaCSrYPdiFjHncKI1haGQTDbOR11UwGrykhf3_RrvqXMH99iBzto1uJt-0XIUE4BNGta_I9AF9bMO5o34vOneuVawZJzX8G4PLZ7ldtgt2woislhzpTypuukzCvAEPUQE2CT7yvwcr92N3BmkE9d9I8cY461r0j4pNWmOO01swrr7jBhyE27oto5KVLURxcXre-jNN0-HdxsSfxr-WgbJf59dB_icnloteZ7CgR3ZY9rsAsFkDEJCEXv3NT1CGmBv6xJpe3Q75tJru24nSt1ThM5TxwcuBEyUG_ex6FgagXrlP_TDCxXKYGeVCB2LhUMDvpdNOnc0XyfEUw4yWz76gSu6hs8i1X4RfNHSqyPPzJvJ5JF4koCUa_iwmEsn2M5DrBC_HzuKZfxw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF3D 0
0 121ms
121ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=4147627743129487&bg=!Li2lLXnNAAZGOVy5Zjk7ADkAdvg8WuI5mgh3Cw6jkUOC9a4Wd0gUz3s0oF7z1gthfZms_BAhlMDJHCu5GynWXexxRDZCOSgqZs4CAAAAwlIAAAAIaAEHCgBWCpNDKBB9jzgGmlHIdcb2ZWRwPUPJTknU_BbYHe26qpZ1fkAmj-e_EF93zZ6xObYBryNrx0NVQDHTA-l3qc13HPs2Dxp19_kIzhuDQfe6-Ve1r692qHWZArsL1v0by9j3CrSKfceDiibJXopkBUXZTzIviFDjkdq4o8aRLQ9C2E7GYU1kF2CJcQw0jT8dqsPZxj0mXoCqRW2_nMH7KzgpZ5TCKIjPSeSSLKA1qImZVRpP6EoWQ2ouTQurOQnp1ZoH-bNSPvUdcb5volhJ8tRg6UVIEu-kYujQpuOd8MVh-fCQP2f1ko2Dr_XiicNKbuUXQghAMiLjn6K76IHYHD7gmd3pXpSY6Z-P1Yx7vMrVWyzpFERWmEDud4N8n-b0RvmX5DKjCYmrW_GVvtyKkrAmRZAR9dlCrUp4lYQrWWwdA2OasiDxIQyyLVgok19qXmkEjqMuV9g-c8HMEn82VsdZ5RJ7RTwg9Zoyy5fJfU-IUafU72ICcSjbEoRTfpefFIMCGw5sNHlg6SLd9pGSmra8Syi2jwgknDK-xNtnEwNf97FJO9S2RVR46yay5Zvg0RSlb4EuoT5sAezZAgaXUYOKL_JUuG1gzXip1pkak_eeYhFjpYxPG4J8YhtY617FiLG53ce4HfBbSIC405EdiG0ajXg0PH9sYN0edgqNu0_0OU-9lRIWn5WLFNI_4bMF4Soh_r8a8qkJWKe-Ght6w5wKqvEPndKAFKHL8um__6gAjDwaBZEsPRkL11X9ILEaPli1vffJV9kI3GNmdbJdrY1fmk1qLrzPeP0PqRqU6d60eYKT0Q8mPik4A16mlRPQQ8kpQDB0seyN7QiInoFl6ZxLAf7TFZq4DeALhUajgr1bBhwubb2fgT22nr4F7j8uU56Py5h70qKdYdMaTWf-fSTbTlVuZpQtCtIh4tgKFHV8H3hHO57AR3-1sYzKYFaYb0qfHKyzKgmEhMZKwOk7Y9cUroGYr3sJHfwoIZKqhOCHjpJyObau_xsI51l2gEt4xbDgRxs4qM9PFoxqoYYOWCUsAg7dzek
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F79 0
0 122ms
121ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=724061171302865&bg=!-Pul-6_NAAZGOVy5Zjk7ADkAdvg8WquS6bGsECna0IyPa2yG9SjhFbdAMKAmEMhqUeBnPjlzaV0cWup7Gg-jl5gcL5pSio1Dl04CAAAAtFIAAAAIaAEHCgCDbNAWmELUEDGotE744yLhUO55KZuWrS-s-X9ftbAc5SN9Xk5cdlKjYx_3YNFNGCw2y9PqAcxsjnny7C0l0xim4P2c2JfYkSbQkMZiB11_zjRbu1SkXnM-ACcJZ0llNk4x2ekWQgwZl5eZkO7hwQOt9D6xY-LzS24597C1NZQRLbzbPEKZArwfqnPBoYQPaVNcKyoEGc5XcxMJoozRAwZtVpyqYvlYSSXTRF-3vk8kZYQaabtOPuGgjMVwL2VsKhbgCtlkQZmENPTzH5Fco82iN18hbT2hOKgEKLH9h57mOi4340jewHOYxDS0FdqLPn3xn1gzNPZfanTWzB9ZerP8j6Lf7ZAtrkXE_JEE7m9f_Ge4O5fmyBN2OnpMabx80SseyDU82isv98OrbeBU3Eeb11xmon9fIdxxdQ3F7yKiBKmTREKxS3-RbBiKR9E_HUhgAQnhU--aW_I3dAm9oiiUWhHVYpI3sBcnCBhY4ArBer1tC49LAJVdH0iyi-FWuWiLba7W-Ir_50jOiKypcs2Rh2iiPmg3jcoHFXEzOryR_WpAN9Nzoi40CLjAXrydQgfeNpE0alBZ8HnSo8mFkxcguPmu10GVmBoiV6iNqnCl_gMddaLU1cqyIM56SbbrjzvwE9vJOQcyfuq8GpGVB5xsikowUU9VDI3eb6B2skZCEJK9H3QHm94Vrkh76sdya3yMqhw8CE5Xkh-mPzYS7F1ifMQdYYqLlacoypxt9IVCs-fv_SE0nRtDdwGQ91uGyV3YuVfiiBi8W3axvhzZ5zWSXNRFI_6nvPYPzeu3V8TPqy43ouWw8CUroYJMbW03tvFLrHBynbnuIE2ThUcvPZBi1xtAsz8nKEaP59we5oh3zuP1MFSWNUk_YdIk_AcTYjCP0nH9TsMYdtisrrserbSI0atuvJyWN5jjIIgSWChKYb4HjV5Uaasir_jBAz10QKLPQYtlTCcsnPutIKo2t-qSpQoFp4uFYF-biRPX4Wwm2Y_U4drUmRr2iPpQWhTVo1SE7T9-MqoaqH9d8QXTVvdf4vbJen0PeF2Aq_Ep1gAHR0eozsXAp2kzx4QodKORC7wljdKvb-SlKT1en0RQqbF9BLIE
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 0B7C 70 B
265 B 97ms
97ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Jul 2023 22:36:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 0B7C 43 B
426 B 91ms
90ms Image
image/gif 99.81.57.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/a867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.57.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-57-224.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 0B7C 43 B
147 B 248ms
80ms Image
image/gif 3.120.241.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.241.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-241-163.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame AD0F 975 B
746 B 56ms
56ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8729
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8l8i0Pe%2BVdG8aoEy57cduE0nJ1g3buWbYm38TTt2LPQOPnnfUBeddRxK6C3wECaRmYv8YDX2hKnQCDpfK01Rqi5SuDDbl5hJ5%2B8PTBcOBlJzaNj5jDB89825xmWxHUYhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ed85cbeddec03ae-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame AD0F 661 B
1 KB 514ms
228ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.735819238977029&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:37 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 20d4119a-1a9f-3283-b59f-9885aa806cb1
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame AE91 975 B
749 B 57ms
57ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8729
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVXrtr6zzRo7SBDJ8TfoA%2FHPC8srHVOYfSVJf4VMbBy0hjb9OtVlOXbe36yduAnzNhc%2F2gxz%2FYfA7Ogz34hZHbCN9sHtPPTl7VKSqt4tVRMN%2BpOxUt1p1y2RPfuUE0Kl7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ed85cbeddfb03ae-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame AE91 661 B
1 KB 512ms
215ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9688517585742187&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:37 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 20d4119a-1a9f-3283-b59f-9885aa806cb1
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C0C9 15 KB
11 KB 132ms
132ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3413a3b5c6fec6e0c8ba705edb4f59913d51455600b2a6c98be9b3c729f8684e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11617
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
55 B 85ms
84ms Ping
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=9745&cid=amp-kDMRU_huGi93d-98PRhpGA&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&dr=&dt=AI%E6%90%B6%E9%A3%AF%E7%A2%97%EF%BC%81%E9%99%B8%E4%BC%81%E7%84%A1%E9%99%90%E6%9C%9F%E7%B5%82%E6%AD%A24%E9%A1%9E%E8%81%B7%E5%8B%99%E3%80%80%E8%82%A1%E5%83%B9%E5%8F%8D%E6%BC%B2%E9%80%BE1%E6%88%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1690497395&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=5478&epn.domain_lookup_time=7&epn.tcp_connect_time=524&epn.redirect_time=0&epn.server_response_time=953&epn.page_download_time=1&epn.content_download_time=1512&epn.dom_interactive_time=1512
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
120 B 78ms
78ms Image
image/gif 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=AI%E6%90%B6%E9%A3%AF%E7%A2%97%EF%BC%81%E9%99%B8%E4%BC%81%E7%84%A1%E9%99%90%E6%9C%9F%E7%B5%82%E6%AD%A24%E9%A1%9E%E8%81%B7%E5%8B%99%E3%80%80%E8%82%A1%E5%83%B9%E5%8F%8D%E6%BC%B2%E9%80%BE1%E6%88%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-kDMRU_huGi93d-98PRhpGA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=5478&dns=7&tcp=524&rrt=0&srt=953&pdt=1&clt=1512&dit=1512&a=9745&z=0.6988987473612198&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 04:46:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64210
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C0C9 17 KB
6 KB 117ms
117ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A228 13 KB
5 KB 87ms
81ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F9B 783 B
768 B 97ms
94ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

5bad07bad79738f145dfc824d071060df075e8fe5b3914f7401d5548be9be1cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T278u_bSSGH26Ho55FVP-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-T278u_bSSGH26Ho55FVP-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:37 GMT
expires: Thu, 27 Jul 2023 22:36:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F9B 0
0 119ms
118ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=399392432368544&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame A228 37 KB
14 KB 84ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 5FE8 81 KB
27 KB 205ms
204ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d4ce5a31f628856a6d376d190308ff6ae29a20564df7a969d0e96351a6529338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27648
x-xss-protection: 0
server: cafe
etag: 212 / 19565 / 31076564 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:38 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 6E6D 81 KB
27 KB 242ms
241ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c3f417dccb5ad057ae85983a504bdf723d9ebeb0e00d316b14dc9c25d5f0a754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27628
x-xss-protection: 0
server: cafe
etag: 564 / 19565 / 31076561 / config-hash: 368072489689106627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:38 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A228 0
10 B 80ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DDAvdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame 5FE8 386 KB
123 KB 82ms
81ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10782
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Jul 2024 19:36:56 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/ Frame 6E6D 385 KB
122 KB 82ms
81ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076561

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10798
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125319
x-xss-protection: 0
server: cafe
etag: 4098493636285064892
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 26 Jul 2024 19:36:40 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5FE8 27 KB
12 KB 192ms
192ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=655122683617705&correlator=2121715904485456&eid=31076213%2C31076564%2C44797785&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690497398435&lmt=1690497398&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=jpaqjhoyyxy4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1707216264.1690497398&ga_sid=1690497398&ga_hid=2094722645&ga_fc=false&dlt=1690497397552&idt=867

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

70e35675bc66b12c6cf8422239384f51ada67cfa6d75b4a7675c99c39054f57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12030
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5FE8 15 KB
12 KB 135ms
134ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e36c7831be3ae3f2982e52d93fa577535c232a78fa029828264792f954e4f003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11799
x-xss-protection: 0

GET
H2 200 container.html Show response
21c81788391ff105edde2bd7be6f3be3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E171 6 KB
3 KB 100ms
85ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://21c81788391ff105edde2bd7be6f3be3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:38 GMT
expires: Fri, 26 Jul 2024 22:36:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 6E6D 27 KB
12 KB 179ms
179ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3132775174217075&correlator=2764981678347442&eid=31076561%2C44797800&output=ldjh&gdfp_req=1&vrg=202307200101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690497398515&lmt=1690497398&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=fte237s7ja68&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=2019424055.1690497399&ga_sid=1690497399&ga_hid=1335754096&ga_fc=false&dlt=1690497397560&idt=936

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076561

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

da35073a3c7b1a26a8a634a2bef4ce89b8e66ea2f552c1505492856e180dc920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12037
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6E6D 15 KB
11 KB 132ms
132ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076561

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

33f6679ee7dde8e3e5ed3c350a0b7672b7c7ecb1edea39fa4190218747fbe289

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11744
x-xss-protection: 0

GET
H2 200 container.html Show response
df0148ac9ef9f38f8b17dd4402a2e8b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3BFB 6 KB
3 KB 99ms
85ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://df0148ac9ef9f38f8b17dd4402a2e8b8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:38 GMT
expires: Fri, 26 Jul 2024 22:36:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FE8 17 KB
6 KB 163ms
163ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:38 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
810 B 127ms
126ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690497398600&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1536&pt=-735800996&tz=0&viewable=true&ddast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dfrc_vB!nonrv_vA!t45!ufm_vG!ul140669-607_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 561a5bbef435b3225bcfc01da06de59c4ca0cb94f4f9eb0210b4f6c7c467524b

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1455
x-cache: MISS
x-served-by: cache-lis1490054-LIS
pragma: no-cache
server: nginx
x-timer: S1690497399.623226,VS0,VE82
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E118 0
0 122ms
122ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9W5A2Tz0G3CcCGshDMetmhIw2UY0R8lNV0JJvyFolb3obUoAzBxtfYH2cP7_vMgE-l4VAlSluj3_xPRNH4z7Rmhc9qI6G3IOSludrljrYaVs9hYZkacZQxr2cxqU31ecy6ASvIT7YRkREIYd7Go8i73bLzELiQoP6JUlBRam_KyWu-BoFeuMtx42dbdRaZh9P2o3ffQW_zz_PMIcvPnJhG3XtnSw8n9m9Xm9vhbYpJvirwU0nIrsLKcyIPmgLjZL76ZBnzMDTVD92ninPj3XECXLgTs6PQIQIu2DouU6M3vyEIK8iC4JeLaxZa1kV94eL6i6XgcDEN3seLfE&sai=AMfl-YQ9186iRb-4Qv0TGGJZul9pS5L-wPOPSWjg93vuMdDZSrU7mGPyO0bKS61DzbETL9ULLVOUF_nImDeECM4i_kUHVNECOxpsHxAcSw&sig=Cg0ArKJSzHGBDVlYJyvCEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame E118 31 KB
10 KB 55ms
54ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10054
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E118 179 KB
57 KB 337ms
143ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076564

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:38 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6E6D 17 KB
6 KB 155ms
152ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076561

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:38 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FFB 0
0 126ms
125ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEWOyQL9SXyWT65t_ijdnh2tU1K6SBtEwQzck8_6AMRl-l5MZq_G53cjp6c5jPkIh7EjhIm07rDUISGAWDody0G-mKZtxHB7lEKF1IRfFlU13sXTYDf9VqRWxqXHbeT3Qm6awRcdRkNvC45jT2F7fFI468tICY6SFE9bFgVtyL21-8zKdzKtCB_kRA3MR1J1_WvUHOJbATJpNzUZ9hE5VhtFp0KPgLlD3HGWPwnI9JE5xzRJ3NuEy7eXgO8nXl7POYkCOExYQZJWp2CBnqb6TULzVxOpAqzcKcnjVKeZ3wkhYAgdOvR9PgT6ftROi0G5RST7opJEW0loMgPLA&sai=AMfl-YT4x4T8U8YUZEW21xb43Nm2eqBMDMgAO8BK51QHrGG7xPBQuBOv9X007Atr8EPuE6EUHvsXBvsbQUbPGU858z_p2_eqyXe9e7fQlA&sig=Cg0ArKJSzHa5wISLcMZbEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/aiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 7FFB 31 KB
10 KB 56ms
55ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 19:49:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 10054
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Fri, 28 Jul 2023 19:49:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FFB 179 KB
56 KB 377ms
224ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307200101/pubads_impl.js?cb=31076561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C0C9 0
0 120ms
119ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=399392432368544&bg=!uLulu-_NAAZGOVy5Zjk7ADkAdvg8WuYyEVjUThfMGl7oNdh73ZUtNJCSWf7qN9FlQHR6JwTTVZGDsPRbRkhQnA1qWhNCn1UZK4QCAAAAWFIAAAAGaAEHmQLCeNtyI9VOyEbHfhVT53-FU1c5gKKVRySj0Ll0EiAVBIWGOsfdvruph9blx91nRy_MxiVUgsS2kRvIE1guMwepx4mAXiTcQ9C_d8bPlglDxoylNOvNnu5A9GfugPcZxmK59MzL2WxHYN-8v6nHgkcfAVtefUR7IgKZv8MdQARKZq_tHI3KX4plxH3xxJXEcugh1X_micsGaV8uFkrzkV2FY7C0icvgDt6r8YF12mFJDeen8Q_umOx92BZa4l7J1JQ-LJ7Kng_aFDtCPr5iHBfpV-QaCiQMTevLm2d0od0pTmG84lR4IO8FHC_L0g4qMTBnOFxWvHpqfbQVOjG0yuexnR9eOO_8qCeb-CXn2UXi03fBQMkvdYRVYVLalyhuOY7lsLfWfijf0lkLTP2fGPnBcWQi6P2BX4LXVys7GFviEFFHqlt5eSJCyr9CB-31QjdFZMY2uXO_p--erKRpS3XqJdmWOrKGUvSsiBvV-IercfsBw7bIFehpLYWqfuLTpEJ5iyxk-T0oFyPK90RhrJ4tz1bfJLAmxXz8dmfOIBGGbbj23ShlVzpjof0W9-euAuckUq3D81bWF2dSlSmMmu2aykQklogFY0hl7wC4n7DSg8conPwiUD4a8tA1y2YBjANr0aTGR6jF_Vhe-NlMiXhdGD9I0s7mR-LqiQaBIN0T2KbwBZ0wpiFn7GB3cqnxZPKk64_aCYSCJdamkmPI4wZywrDgQN9kgpVM_Tu_tw3Zs2uemqL0TyLYjZ7YQNjWnO53fpaPCZ1CGpTXfOFh8x76z0WSVji51h1lF9LlO8SLukufakrDE7rhcNbK34QlEG8Gj2Loh19m3fVktG8lxjaBeqMh43-97gKPEbccsxEmivolnsxjI5N6QE0BD4oLo2WDSqSCAuVb6Fp5QAYb8dV2G4pKMFjfCehLXvkqGg4cYsOKNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F50 13 KB
5 KB 82ms
81ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5E4D 783 B
535 B 93ms
92ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

f3a1180a11cf3c79e0b45c05075a6537cd181d8be98b8be306369fdd3e2bf64f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j4iqsNZ9Qm0UpqTxRFouEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-j4iqsNZ9Qm0UpqTxRFouEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:38 GMT
expires: Thu, 27 Jul 2023 22:36:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3093 13 KB
5 KB 82ms
80ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 314
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A629 783 B
537 B 91ms
90ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

f1c94951e0291859e3aada471fb0d280aca6423ae9eee69618d4c808869def9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6Nc-DhF6Y4V5BwCqBqO3Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-6Nc-DhF6Y4V5BwCqBqO3Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:38 GMT
expires: Thu, 27 Jul 2023 22:36:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5E4D 0
0 116ms
115ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=655122683617705&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F50 37 KB
14 KB 83ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3093 37 KB
14 KB 83ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A629 0
0 119ms
119ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307200101&jk=3132775174217075&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame E118 80 KB
30 KB 282ms
92ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: SJN3FY1BN0TTQP9R
age: 201
x-amz-server-side-encryption: AES256
x-amz-id-2: yDnncAgftXVVGKb6IAT1WfViJENt4M/xYrJsWk4M/IMV0Tqi/JQ8oD9+I6heb059Fds5DBuPBEo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame E118 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b0a5c2ccea6f3a712b0a53b9a4735353c768a077de138a8003b4f708380259d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 7FFB 80 KB
30 KB 316ms
151ms Script
application/javascript 87.248.119.251
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: SJN3FY1BN0TTQP9R
age: 201
x-amz-server-side-encryption: AES256
x-amz-id-2: yDnncAgftXVVGKb6IAT1WfViJENt4M/xYrJsWk4M/IMV0Tqi/JQ8oD9+I6heb059Fds5DBuPBEo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 7FFB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cb6dbda7a7a8a0f321e7fa0f74da409e88fe539c23a5c5a5e1aa3a4185a0c1c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1F50 0
10 B 79ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Vp4qxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3093 0
10 B 79ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iSJ1tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame E118 290 B
615 B 330ms
102ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 27 Jul 2023 22:36:39 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 23d246c9-3226-4041-89ae-51f0a3ad1454

GET
H2 200 b
geo.yahoo.com/ Frame E118 43 B
367 B 291ms
89ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:39 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 b
geo.yahoo.com/ Frame 7FFB 43 B
72 B 253ms
90ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:39 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 7FFB 290 B
366 B 334ms
146ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 27 Jul 2023 22:36:39 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 13
x-xss-protection: 1; mode=block
x-request-id: e3518161-2bb9-496b-bba0-9c8e275b0255

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FE8 0
0 119ms
119ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=655122683617705&bg=!CgmlCV3NAAZGOVy5Zjk7ADkAdvg8WiUt-S9PJ-4MZemW2tgi1yixRg45Ki7zgNzusD9bf9Wob5yqjlzDm1Vg0RloqPcmxSyfvcMCAAAAz1IAAAAHaAEHmQMFfSqm1UhJ9cYeo4sD4IeRbBQnQD2Mzhmi0D_hIFiqR8Go3AE0XzPlMuwZnhw6qYENq66e-GchqPF1MrFQcV5fU2SccoWhQ_2IlyCoGDjTdaUVq0S0s9ic11dO2r2yAoAgY76mteLSi1Gm0uwnDBdMLupOR9gcu_NnnL1RgtNk1te3nkErjVcB5-ANfmmd_KfF3D4wknbA-HS3MAUyBbn6Yxu8B9fBABIvkBphL_dBkrvO4hm9pNPZmDnqSboVktd6CwxaCKseE2hiRvRWmxY7wx4SefZtV931ZODvggnCduq01BnfRSe45Ajv0CbeKOphnCM1IHgrlIR7U3ro5397sLbDFxUlYunxlKDd2nteNY9UmC6cEw40s243SHRJpDULB0XfFt6ERbiX25flxEycwKK1a5YY2Yf98NqIYuHKAnBIQeDl6J7OQ7s9JFEmxgB8WE5BGZ32s9bxoNUnYNcoTZyPf2Uj0EMW9-KETt3hF3vlnqyliXUkrtTH-nsbGY3l1KhMViyQXSG70ZG2wmzpaf5WNluD-A0aNULwy4XLQ3QUQedr4daWNqMvaE_yvYrBQoiOj-jj_qXXJ_mIB3e96DHak83W99LQEA0R2ZcAI9GpfBh58q0Th-vs2C_DfhRWZ742ZbXEmM9c4b409P-PbdxRX7cvKt80OkK31p18a7f5i7QVs-SxwUaw_vf0P7VtD1_ly-9sJtugy9Ttn2LpTOuLkpV_banRQ650fBScW4UNp7aT8_97GUvzPu1w90hz_BQNJshbN2WXqrkvSNDweBzlseJYe4wtcqHwCwOEipI0XkT9XHG_b9GyKH3dFZZTwZ3oljYH2NjMLWMmlNFajwlhDoy_pd-PprAcV1nmZj5DMXLhP7E3IfWfKk59A16xXlMt1j6qU9ChcDmiwTjklaWIg1_lrbH1lZIvvjbsYNKBJnLow0qbN5EeyUc8zLGvhol5V9PlEBKo3iP19eWqPDyN8yhhlzUjPZXkBkNm4lX1YmUgaKJv988OtlkmO_PgkA-4prE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6E6D 0
0 123ms
122ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307200101&jk=3132775174217075&bg=!m5ilmMzNAAZGOVy5Zjk7ADkAdvg8WhDaXZfzNlwRSryg5Fcy_HtBW1pol1uWPpTgP81O1BPoB8VDCmCA7wnt2d7H4_0cQL4GMrQCAAAAa1IAAAAEaAEHmQMBylb4jaYqi3cawfFCRf_0QXKPkk4nV4caET60gjnpbF2C97M2Wvcs493lPa8_vF-4w1nZoScLAxDs2ta9lGE_fI76GLphUubCXdp23kSnZXfNuAUl8J6DPMxMqUMU36dYWj2dLj7hvhWBIdlj1Ie-YNZz2dT0AfXos9WmcLBcyF7Cd2XRvuMCYT2uvNjUl1IHe0-JlzleIyEFHPCJJlbPc7XS2S3UX4xkp570cUzh_a_tph58XTo3y7TUv1HaVbumdEVEi0iNtqVPtt9T24Ue7v0EaSCtZ0L5pdqd1USBohh7JuoUKsA3JTD1Zie3mz9Va7ZuHzCTYKOUEMgfJeeZiPcu6p01OT4CwZBMAzY93oFsaBLNdhsrogn73ZZdPjWLi993aQro9rVU1-4kJ0qU_Ipz3TgfAxFgJRiunhW959Ao16F511zLcqxdfjSM4C3sZt0QwLkeHZTy2UuGW-lgbsdEnepGgNqVFu0CTOtqlAMIFq2dfYnI-AurUtPU0FGfl3NMnhf9Sa2Q6F-3TUGxvtKoIrm0p5w9WDGN4l7Vy4_a-C91VwcA5BURWIWwOnVumOu2IuEPWsBGsiV7D4phGqMkcfDrZ92k7BDuCBEeo69KjRKt3f7NYT4ZUOvyxwUeI-XYWfZynUc0l8pyMTS3nj0nk70UcUM4O31XFpCu3ouknIQ5QgYW5OXy8Y-wtlRBxX8ss_K86UUL9BD3GiojW2WiqQSVS0WeyYqikgNRfA_EhdoZbaKQAXDlBjxv84UmENnyUfRRKeITX-HCXDt-HiI2O3jBGQZ51ODYj26Mo3bc3OcBJk3ixQDdowdRHOIFxUktPgWuaDQMF4mV97VTZPhMsiE5yGwNWLM5QhPvNlgKN9M38MLVd58uQJfbAhE7FSEHzjWTg2xG3FziFxjoZ3-D5GbfKTIH10PMZPU98SyFP2HeKzox2pQYJTvM16PJCe9BLj3hh3Fg6rlWCFJsSZjUHReZ0hQdBdHCYbdwuyfBI4K9kVfbBn-HpJCO4nI2pw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame E118
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

54ms
54ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8880
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ne8xh8w7sLtZXtjx01jwC8iQ896vz5XaAePKy16yzsGALpHiT99aMcTP%2BCQISdZBIbiXs%2BrxI%2B6bWy4DRcpfpLYu4uBNSJy1xWKg4zxvrsEAhoVSAt5X4x92aNunAMfLWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ed85ccfcef803ae-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 7FFB
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

60ms
59ms

Script
application/octet-stream

104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:40 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8880
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eG12ulvydHtMZUoeEamJeSKrPUgsot6ohbUr9yvKxOlN1MI528lAqH1w0KmpHRr0XVM4VWGOMK19Ew4BEGBwi%2FAgpHZKlFt9AbxLFYVzM%2BgYJ%2FnWo3KBKNQin3u%2BX7azHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ed85cd01f7303ae-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame E118 975 B
751 B 54ms
54ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8732
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kBOifqtzAVP9zQcLuyRm8vdydzcRDKRffJQAqM%2FWq4%2FyIoDcwOGC5DZvYqVQs%2F1Dtd2RDirGoB0depWeb2Lz8doQINYQk%2BwgXDN6vumhPVxq%2FAioYDQgjvqliVNyujV3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ed85cd02f8c03ae-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame E118 638 B
1 KB 530ms
233ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.8862165989267188&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:40 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 20d4119a-1a9f-3283-b59f-9885aa806cb1
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 7FFB 975 B
750 B 54ms
54ms Stylesheet
text/css 104.26.5.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8732
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OLW%2B4RBeE81Rnslp4wIL5hOojC5mOAYTkAxjKevn5xzOVpLHN7s0EQIJX447kYw%2BbKkmF5h1%2F%2BkWIk7YXfR1XffqcawF2EEHwYPdiSuwfTrBZGWLIHLBVzY7LHcnmNX4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ed85cd0781303ae-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 7FFB 638 B
1 KB 512ms
229ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.7945492064069897&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 Jul 2023 22:36:40 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 20d4119a-1a9f-3283-b59f-9885aa806cb1
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E118 0
0 276ms
119ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYyWRwyURGuW1F2cmH-91fzkZqc3AzNqyAa198brBMeAMQApELgJEqR1XTwHSAG0GuZxl2Un02PjvQmSVpNrZ56rJj-ZkE9x5_Jxs7pSFQ2l4E8n7T-lIu1tdVAy6FGpaR9Fr8U9y2M1Z_jJmqt5403sM7WsjE-9d5MNvQ423CKRUi3nJRo-1yx7mGoT-lPz8tfBaz2GvV-38yhAygC_-Z5POZwYuyG2RXT-wzuC4KFoAPWIuNgMI1_p9TlHKsXYiJcRjdy2wVDUAa4ed23QWPpIDn6jNlgZnmGmfpgqSI19VUef50zM8XCO1fBGsRWZVltG6P4a7dqJNL4NfHvA&sai=AMfl-YQKrhpQMLoqJMlBjhPP7SOOCQiTVfMgGr6EmvXZsDDzEM-aw6obgHHYGdzEfhJKq9CJY6CsSzy2Cv_RwFM-H62G7g6F90UqjjLsKA&sig=Cg0ArKJSzJRc4twmR6TREAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Jul 2023 22:36:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FFB 0
0 229ms
116ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCvEvWjrnfHJdOI9gTohzahepn1Tc-H8rHzIaZnBJ-LRPogoeIF7hpyPCtd2PUoM-HxBlPq0DEn7vj20tsZ5YIim3utDTGmXWXsMZaUGZ8sqFHYHAAPN2lr8Q1D0BGwm-8m68CVIg3K-s--rbOVgd60ytt5NWv93dMrpWVmeFHUo0AuQfYf2CHjmY52Xbmh1KbdsQN8JaaY91BaQvaRwTjisBszkwSGOUsArjbm_RXgTSNJhVpPoVOnlNKXG5tF1E8VjrabBoq0gRlIFknHfAJbmSyC0SBdFHbYq01SBoJ2cofaJt8okVrXDjRCqjChlra0q0xmeqSmW88w_YZuw&sai=AMfl-YQm6g5RPt_Lf02tJw5AKvtI8IKaY-yKmsw6SQGDHLMpTN-3ereoxQzP282Q_nDOdSql9yfoxEQF43Tef6EqUQnbkooA_s-tWtU3oQ&sig=Cg0ArKJSzPWGh117F9-3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 27 Jul 2023 22:36:40 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 367F 144 KB
49 KB 132ms
131ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

cec5e2df3f9a7a85ac9b3bb4451c3ff80e3602d61302d1e5a50540b41b5948e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50643
x-xss-protection: 0
server: cafe
etag: 16428298529906470733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:40 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E537 144 KB
49 KB 208ms
207ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

598981d493ae4648f92585aff8733001cd558922db430954376d409f19f6e46b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50641
x-xss-protection: 0
server: cafe
etag: 5736845860718579721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:41 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame 367F 363 KB
124 KB 147ms
147ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ed2726612a0957ee5a12abcfed3cf37dfe0df3cf82c42442d995219a91faf1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127312
x-xss-protection: 0
server: cafe
etag: 16439710092134313972
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:41 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame AEC6 10 KB
4 KB 83ms
83ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 82610
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jul 2023 23:39:51 GMT
etag: 12368291122986407432
expires: Wed, 09 Aug 2023 23:39:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame E537 363 KB
124 KB 150ms
149ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ec1feb9ca4a86fb3da2a89c7a683f56236befb266cc8f2cc150362448a8e31eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127312
x-xss-protection: 0
server: cafe
etag: 11577544494819289878
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jul 2023 22:36:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 76ms
75ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=9745&cid=1360509579.1690497396&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690497396&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Faiqiang-fan-wan-lu-qi-wu-xian-qi-zhong-zhi-4lei-zhi-wu-gu-jie-fan-zhang-yu-1cheng.html&dt=AI%E6%90%B6%E9%A3%AF%E7%A2%97%EF%BC%81%E9%99%B8%E4%BC%81%E7%84%A1%E9%99%90%E6%9C%9F%E7%B5%82%E6%AD%A24%E9%A1%9E%E8%81%B7%E5%8B%99%E3%80%80%E8%82%A1%E5%83%B9%E5%8F%8D%E6%BC%B2%E9%80%BE1%E6%88%90%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 28B2 603 B
66 B 145ms
144ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1690497401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401133&bpp=6&bdt=808&idt=243&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=7686918196704&frm=8&ife=4&pv=2&ga_vid=1790434313.1690497401&ga_sid=1690497401&ga_hid=1743074779&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2327036039&scr_x=-12245933&scr_y=-12245933&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076341%2C42531706%2C44788441%2C44798156%2C31076285%2C44797786&oid=2&pvsid=917084475447884&tmod=464361839&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.im5x50eihmzu&fsb=1&dtd=267

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 367F 15 KB
11 KB 143ms
142ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

50587a77ce12a64658794dbe8aa17ce49ec698dededea711435333141480bc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11726
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73D0 603 B
66 B 146ms
145ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1690497401&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401133&bpp=5&bdt=808&idt=253&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7686918196704&frm=8&ife=4&pv=1&ga_vid=1790434313.1690497401&ga_sid=1690497401&ga_hid=1743074779&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2327036039&scr_x=-12245933&scr_y=-12245933&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076341%2C42531706%2C44788441%2C44798156%2C31076285%2C44797786&oid=2&pvsid=917084475447884&tmod=464361839&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rkkb3fp6fpe4&fsb=1&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E118 42 B
64 B 117ms
117ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9VcMVV5ocmpATu8y2gSYWfA6RdToVezr9vcrCS37xuXZcQLKtc0TlQlRXnnQPN9-1X6Tshc2_EJDdFffZ_ogHfx6j_SuUNCdNuJpSOl673kYsFSeZ&sig=Cg0ArKJSzCYS4V0JkQu2EAE&id=lidar2&mcvt=1017&p=0,0,250,300&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690497398668&rpt=1720&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF79 603 B
66 B 136ms
134ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1690497401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401243&bpp=9&bdt=866&idt=250&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=8550616329472&frm=8&ife=4&pv=2&ga_vid=1683500236.1690497402&ga_sid=1690497402&ga_hid=597446510&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=934484031&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076341%2C31076342%2C44788441%2C44798157&oid=2&pvsid=3445700770835679&tmod=948299991&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.qcxut15h8ki2&fsb=1&dtd=276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E537 15 KB
11 KB 131ms
131ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c1a8b5036f72fe51e585ad3e7ac256587074847d160f7f1bdef330d60fbe4362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11745
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B680 603 B
66 B 139ms
138ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1690497401&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401243&bpp=2&bdt=866&idt=260&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8550616329472&frm=8&ife=4&pv=1&ga_vid=1683500236.1690497402&ga_sid=1690497402&ga_hid=597446510&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=934484031&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076341%2C31076342%2C44788441%2C44798157&oid=2&pvsid=3445700770835679&tmod=948299991&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fyj2uth3zj7&fsb=1&dtd=285

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 367F 17 KB
6 KB 120ms
119ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:41 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
799 B 152ms
119ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690497401602&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1536&pt=-735800996&tz=0&viewable=true&ddast=V8UBYCLAbQBSi0O-IlGBGgC1Bod8RLMCoAAABgYID-AEm4BsvlZrRYK4aT3Vo0GG7cysXE41YuHJ7RZDgbzJyTISAJ12C53IwWa8VwsluLBsONW7mYeNzKhcMzmgxng5lzMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8Cqfj6bD73DKH3a172N1i11vxdOteb-HTYXcrnm7p0W_3uaVHp1s0djnd0qPTrXu9da631Olyyxx2t_TosPvcytdbsTG67D670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQeLDCVL5NBlEiBcBFGAEAAADIBUxYPjJJJ6hYVPn__--3AnAFACAgMfPv5CqL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRLUOyp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0g43ANJxPbyDabbBa7xcSyWDkXFuNkNDJMdouZx3u6OS-QCEE2rvtsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDBhHG2W1kcw7XMuDK5RZPNxi1xmQxr4cowGzl2G4fNNFuLXh_TxeLxzWaWLRIMmNuL5GmRThSulcdmWIwWJtNmsRptlrvlzOOZOScmh2W2cY4mYonmZJFOZJd9x-EaTia2kW022Sx2i4llsXIuLMbJaGSY7BYzj79hnO1WFsdwLTOuTG7RZLNxS1wmw1q4MsxGjt3GYTPN1qLXx3SxeHyzmWXfmC0Ho-VusxztG7PlYLTcbZajfYfO8F19zkZlWSX5uHQ7v826tjkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-BVOx9Nh97llDrtb97C7xa634unWvd7Cp8PuVjzd0qPf7nNLj063aOxyuqVHp1v3eutcb6nT5ZY57G7p0WH3uZWvt2JjdNl9dqHpbbaIJYLTRToRvYyni_qPGmK4mismw7lyLhlsVgkAAAAAAAAAwBJMM90EAAAAwMmghpvhYrVOBzOZTQa71XIBXARl6QIGAQAAAAAAKNbYYw3wMLsdppdb4vNs_FYGIMGcx2yzzwhirVbLGgAAgAA2AACAAG668SYQi4n7____HwcAAEBGDj0AAAD6fUBU1R64UeuF_wBUiLVarW431mq1AA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dfrc_vB!nonrv_vA!t45!ufm_vG!ul140669-607_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: dc8e1425fe0fc94486b6244aba1ae560e580fa020509517d5e8d9438609192f2

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: gzip
server: nginx
machineid: 1402
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E537 17 KB
6 KB 88ms
87ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jul 2023 22:36:41 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1429 13 KB
5 KB 80ms
79ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EA4 783 B
535 B 89ms
88ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

7a618fbae54c3f44927eace4b819ccc132ad8f16e8d59027a9eab47616d6c641

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WpLV4QLyWwqOJR8ndbexww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-WpLV4QLyWwqOJR8ndbexww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:41 GMT
expires: Thu, 27 Jul 2023 22:36:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2E32 13 KB
5 KB 82ms
79ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:31:24 GMT
expires: Fri, 26 Jul 2024 22:31:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4448 783 B
533 B 90ms
88ms Document
text/html 142.250.181.228
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f4.1e100.net

Software

GSE /

Resource Hash

3d59fe7aa962d5eb105508c06481ef5668393c91ccb888f79e90986df90b369f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EhZXbDYgHbMujAOhoHdoRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-EhZXbDYgHbMujAOhoHdoRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 22:36:41 GMT
expires: Thu, 27 Jul 2023 22:36:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EA4 0
0 123ms
122ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=917084475447884&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1429 37 KB
14 KB 83ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
255 B 157ms
157ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=IL%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 113
date: Thu, 27 Jul 2023 22:36:41 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 114879
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490054-LIS
pragma: no-cache
server: nginx
x-timer: S1690497402.873299,VS0,VE113
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2E32 37 KB
14 KB 83ms
83ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 20:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8383
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jul 2024 20:16:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4448 0
0 116ms
116ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=3445700770835679&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1429 0
10 B 79ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8AyyPw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2E32 0
10 B 79ms
79ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fdIiCw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 Jul 2023 22:36:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/006998956e9a8a6b23f045cac9807b43.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202203/d8691dde61ddc8dff691cb66b2697814.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/88e97816b66219f958206092fbab3940.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/a46b323b933c3a9c2bb27d25f8321ae2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/eeb72fc3d9c5e949811f198a8b0e69a2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/a1d41a2cd1066a0ecb605c8d599fba80.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202110/fda26940b69fac4b7b6c231066ee235f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/a35514d610dba13cc5fa00f48edac4c0.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202108/a4dd9f1b834f2aabca6aa0d22bcd7d13.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/17b7b13f93f4555a9bfebf13705c5691.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/accf8e03faa280b459bb9355c7750ef7.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 22:20:33	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Da867eb18-f8ed-423c-bed0-8e06d17caf46-tuctbbc76f2
.aralego.com/	1970-01-20 22:20:33	Name: sspid Value: 20d4119a-1a9f-3283-b59f-9885aa806cb1
.quantserve.com/	1970-01-20 23:05:11	Name: mc Value: 64c2f173-63fe4-43b2b-682fd
.bg3.co/	1970-01-20 22:59:26	Name: __qca Value: P0-817092361-1690497394819
.www.bg3.co/	1970-01-20 14:18:09	Name: _im_vid Value: 01H6CQYAV3DYR13NXA2XC5VEXX
.aralego.com/	1970-01-20 22:20:33	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:20:33	Name: gdpr Value: 1
.doubleclick.net/	1970-01-20 22:56:33	Name: IDE Value: AHWqTUnu6zAVzuWoCp2GvOKiobw9pa3AXyPMi7R4e8T9dRC0ML6nugVFnK9n27szs3E
.bg3.co/	1970-01-20 22:56:33	Name: __gads Value: ID=615bb96ad1d5bbeb-225fbcc8b6e700e0:T=1690497395:RT=1690497395:S=ALNI_MbBzN1rssDQxZgYXcSOnDkde6UmjA
.bg3.co/	1970-01-20 22:56:33	Name: __gpi Value: UID=00000d26883b1116:T=1690497396:RT=1690497396:S=ALNI_MbSS8LGCJ-6jUqqU8TjbA0nIhRE6A
.bg3.co/	1970-01-20 23:10:57	Name: _ga Value: GA1.1.1360509579.1690497396
.bg3.co/	1970-01-20 23:10:57	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1690497396.1.0.1690497396.0.0.0

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/006998956e9a8a6b23f045cac9807b43.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202203/d8691dde61ddc8dff691cb66b2697814.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/eeb72fc3d9c5e949811f198a8b0e69a2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/88e97816b66219f958206092fbab3940.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/a46b323b933c3a9c2bb27d25f8321ae2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/a1d41a2cd1066a0ecb605c8d599fba80.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202110/fda26940b69fac4b7b6c231066ee235f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/a35514d610dba13cc5fa00f48edac4c0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/17b7b13f93f4555a9bfebf13705c5691.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/accf8e03faa280b459bb9355c7750ef7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202108/a4dd9f1b834f2aabca6aa0d22bcd7d13.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvYWlxaWFuZy1mYW4td2FuLWx1LXFpLXd1LXhpYW4tcWktemhvbmctemhpLTRsZWktemhpLXd1LWd1LWppZS1mYW4temhhbmcteXUtMWNoZW5nLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1690497401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401133&bpp=6&bdt=808&idt=243&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=7686918196704&frm=8&ife=4&pv=2&ga_vid=1790434313.1690497401&ga_sid=1690497401&ga_hid=1743074779&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2327036039&scr_x=-12245933&scr_y=-12245933&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076341%2C42531706%2C44788441%2C44798156%2C31076285%2C44797786&oid=2&pvsid=917084475447884&tmod=464361839&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.im5x50eihmzu&fsb=1&dtd=267 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1690497401&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401133&bpp=5&bdt=808&idt=253&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=7686918196704&frm=8&ife=4&pv=1&ga_vid=1790434313.1690497401&ga_sid=1690497401&ga_hid=1743074779&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2327036039&scr_x=-12245933&scr_y=-12245933&eid=31076468%2C44759842%2C44759927%2C44759876%2C31076341%2C42531706%2C44788441%2C44798156%2C31076285%2C44797786&oid=2&pvsid=917084475447884&tmod=464361839&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.rkkb3fp6fpe4&fsb=1&dtd=277 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782691&lmt=1690497401&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401243&bpp=9&bdt=866&idt=250&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&nras=1&correlator=8550616329472&frm=8&ife=4&pv=2&ga_vid=1683500236.1690497402&ga_sid=1690497402&ga_hid=597446510&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=934484031&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076341%2C31076342%2C44788441%2C44798157&oid=2&pvsid=3445700770835679&tmod=948299991&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.qcxut15h8ki2&fsb=1&dtd=276 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771305&pi=t.ma~as.9099904862&w=300&lmt=1690497401&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690497401243&bpp=2&bdt=866&idt=260&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8550616329472&frm=8&ife=4&pv=1&ga_vid=1683500236.1690497402&ga_sid=1690497402&ga_hid=597446510&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=934484031&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31076341%2C31076342%2C44788441%2C44798157&oid=2&pvsid=3445700770835679&tmod=948299991&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.fyj2uth3zj7&fsb=1&dtd=285 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

21c81788391ff105edde2bd7be6f3be3.safeframe.googlesyndication.com
706ea89273d4f09bb9a949e5cb0e57fe.safeframe.googlesyndication.com
98b16d71c5b57fda7649ac051107e49c.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
code.jquery.com
d-337632010686777775.ampproject.net
delivery.adrecover.com
df0148ac9ef9f38f8b17dd4402a2e8b8.safeframe.googlesyndication.com
dmp.im-apps.net
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rules.quantcount.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
static.bg3.co
103.231.174.251
104.26.5.103
13.112.76.83
13.32.110.34
13.32.145.27
141.226.224.32
141.226.228.48
142.250.181.228
142.250.184.226
142.250.185.130
142.250.185.99
142.250.186.129
142.250.186.168
142.250.186.174
142.250.186.34
142.250.186.66
142.250.74.202
151.101.193.44
151.101.65.44
172.217.16.129
172.64.161.31
178.250.7.13
18.182.83.207
18.66.192.59
184.30.22.30
185.106.33.48
188.125.72.139
192.96.203.13
2.16.202.106
2.19.126.93
216.239.32.36
216.58.206.33
216.58.206.46
23.201.255.110
23.53.42.112
23.97.225.52
3.120.241.163
3.233.155.22
3.33.220.150
34.120.96.193
35.186.215.140
69.16.175.42
69.173.144.139
69.173.158.64
74.125.133.156
87.248.100.137
87.248.119.251
91.228.74.200
99.81.57.224
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
0206609580036d8f0b5f32b836445fb52c6dadb24723714c4fb9fbfd5abe269c
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0b297f12b2e58991faf5fe27973e438a679bdbaa42e28f062de20ff7b0a4c5c5
0ba09039ddead4e5786e8ac622b4429213a762d0ae478c53e593f1f5ded1b035
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4
0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1
0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b
10fb0898c2e80ebaa07c36e7c940df62bb9a2bf84ee6fb1b9c62b70b453eff8c
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0
1855b233011b7815f72ae2d9871b5b8dd995fd86c43937a516782f43a4b03850
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
279dff66fa9d2af3092f611485ee499aeb9bfe66a24c00f99bcb1135797371ab
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b0a5c2ccea6f3a712b0a53b9a4735353c768a077de138a8003b4f708380259d
2dd0e8ef48f516bb1a89fb09bae7538cec2367bd467b174e8efcb1434b0829b7
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53
33f6679ee7dde8e3e5ed3c350a0b7672b7c7ecb1edea39fa4190218747fbe289
3413a3b5c6fec6e0c8ba705edb4f59913d51455600b2a6c98be9b3c729f8684e
3619de6dd28979bd9795dae9f2c1a1d85b6e5d16e25215bcaad590a48ded4b32
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3731201e9605be2a0c37762908a089ce4e22e1276209497ff198fc2d6e8bbaa8
391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3d14af6714f8e174042d16f9ee9938f7986b826935f217c43cd3570945f8a8a5
3d59fe7aa962d5eb105508c06481ef5668393c91ccb888f79e90986df90b369f
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43a31b0f62b97c29c5c8b76b0d8f0afd3160d6c4ea2546b8705cd5278b963a57
43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
50587a77ce12a64658794dbe8aa17ce49ec698dededea711435333141480bc3b
523472fc73c3969e82d48016b529185a6c5601c65d8db79aec71ed2849f8f2ed
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de
554f41c382c558ca5515d29a6ae43ca483e4f8b4277293f825e3aea1efb03380
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561a5bbef435b3225bcfc01da06de59c4ca0cb94f4f9eb0210b4f6c7c467524b
562d05a4489dcc4a637846701a691461ec04f4336cf49268b0dd36641c13a994
598981d493ae4648f92585aff8733001cd558922db430954376d409f19f6e46b
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5bad07bad79738f145dfc824d071060df075e8fe5b3914f7401d5548be9be1cd
5c2aae51eadfcac5140a0b7eced1b25f1836855b465997e039fc7e9647b98ff2
5e6bd9cf799ddb4e4867ebbd8eda5ebb6de73f8a2adb0e7f01e238cd4e566cfd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
62899b42b71def804b0b1ecb58d25c00a9908e912968311422441a4f5a5072c5
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6cb6dbda7a7a8a0f321e7fa0f74da409e88fe539c23a5c5a5e1aa3a4185a0c1c
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6f2c1824bd77fb29ea2311f2bf4f55d96a04eb241972816bd3390aab44b99eb2
70e35675bc66b12c6cf8422239384f51ada67cfa6d75b4a7675c99c39054f57d
78637d8a0d7809148efe84bbe2ba7bb712860fe6f5eeba55e0e442c220dc8841
7a12798fc8cad05d8b1a0d653eb4184a15501b69a016bc09b466f126955563d7
7a618fbae54c3f44927eace4b819ccc132ad8f16e8d59027a9eab47616d6c641
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
7cccc6ea8a6d3415fbe065ea3f1b0a95d5b3100521269da9da1395c3794ebb23
7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12
7dca9308104842c01f8b7fe0ab12664c46388fd73c5dfce42bf5d1edd16fd747
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8b53df54bbc1d7620104212635f28e252790da3ef3dbb5fa25c459f00bb6d4f9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe4254eee235986d86e2f3a19fe44dc4f2ba672325928ff6db23b5b0fcf9cf0
91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
92f34307c9aa2d9c285ecdb1eaa33f006aadb4c34ba4e305514f60b9f3574d50
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656
9cab80f65f6d17fae9f2d787523ea7e4812c65feb9bdce929e95e7db1830d45f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4d717e4a3db30d082da88e16c3e4a17f62f27efcd2a23d1a4e36de8011981dc
aa2f20b2eeb31a080bf389656e8106330860f9d87327d46e08148a9c570be765
ab4c3e8f250e3a7606463a9275be9ba303d52d59623fadabbcb0136cae779218
b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43c7d9a0574711bb94366bfda9c7e470d99193abb002225050d2f61c402ee6c
b5971a99365fc230e114d030dd7b2d488391074a6797da8a12a00ff39cf1ad72
b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60
b7ba0f19c70dbdde9802aba09e953b5f82c382c13dbef2d082f8eb16de41668c
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39
bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf
bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9
c15bc7cbd5ecddc091d50aebbb17b0635385c9a4fad3ed5ec37224ac201b5e39
c1a8b5036f72fe51e585ad3e7ac256587074847d160f7f1bdef330d60fbe4362
c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5
c3dd1c4c38c6dd45e5d7438ef5874f174322b270db4cfecb0be1c79f8f80888b
c3f417dccb5ad057ae85983a504bdf723d9ebeb0e00d316b14dc9c25d5f0a754
c7868c4a497dcbf5f97d2f2e8de58d03262dfc59426eeeaa86a54b7f2e0ea190
c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed
c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7
ca66d86191935dda4bb067804600ef739a1ce8b11616cccd179b66a2292dcb67
cb982f3208ae1f48716dcc0a8129eb03aa8579bac839f29e4a3c3b0d8be3848f
ce1008fa4dd191756f6b02cf1f42a3e933eee8796ebccd67d7564d85e04a859b
cec5e2df3f9a7a85ac9b3bb4451c3ff80e3602d61302d1e5a50540b41b5948e8
cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2
d04273e6e9b7f70c435216290cf89b73705f3d6776f029fb7381b4b9f9412712
d4ce5a31f628856a6d376d190308ff6ae29a20564df7a969d0e96351a6529338
d5263acb14521ee14316b49899c641ca2472c42c3c35c84d547a8e8cd98ed37d
da35073a3c7b1a26a8a634a2bef4ce89b8e66ea2f552c1505492856e180dc920
db9421b7a9bd0512445edeab8bc040b34c17bb15eaa88656701201997b730373
dc8e1425fe0fc94486b6244aba1ae560e580fa020509517d5e8d9438609192f2
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e19921e661a3f7ff32392ef0f64cd6a3fa7eb69909250343b492129a31da445f
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e36c7831be3ae3f2982e52d93fa577535c232a78fa029828264792f954e4f003
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e612f9a6f5ff5b150d727c789dade906a7a2ef57b85814a92c0b4ccc61eef230
e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d
e9bb587429f7fd30586388a4940d422ccd4c7fcd668c92b20721955cec890f64
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eafe6cacc6fab72984bf69d327dafaa26386aa8597a2bbe573ecc134583d9246
eb75d359ea282665e5c39a43e3692dbe7eadeb5a6f75423b1fa7c0089cedae81
ec1feb9ca4a86fb3da2a89c7a683f56236befb266cc8f2cc150362448a8e31eb
ecdce583240209e675bd219c031902309f47493f1f3bf05d9329d2186dcd8839
ed2726612a0957ee5a12abcfed3cf37dfe0df3cf82c42442d995219a91faf1fe
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c94951e0291859e3aada471fb0d280aca6423ae9eee69618d4c808869def9a
f2464b544679bc6c80ea8fe6c6972805434a4db84abfffe83ab9a7ff4d3a4613
f3a1180a11cf3c79e0b45c05075a6537cd181d8be98b8be306369fdd3e2bf64f
f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fb1da1d908f70c6a28aa09f306ace4b641b5ec61b80b3ff947c8f2631d3fe7ff
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fbc4ea0dde0f8103b44061a4467419cf02883efc0143baa419a691eb101a46e0
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff8362bf5a6da094bfeff210601df3fe4865c95056d56555b96ff18462b98943
ff8d6ec5927e17f6354816bfeccb48856b23869c06f91c0a70f48ef6b3d15043

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

296 Requests

95 %HTTPS

0 %IPv6

32 Domains

65 Subdomains

49 IPs

10 Countries

4181 kBTransfer

12217 kBSize

12 Cookies

31 Outgoing links

Redirected requests

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

296
Requests

95 %
HTTPS

0 %
IPv6

32
Domains

65
Subdomains

49
IPs

10
Countries

4181 kB
Transfer

12217 kB
Size

12
Cookies

296 HTTP transactions
3 data transactions