urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Submission: On July 29 via manual from US — Scanned from PT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 13 countries across 73 domains to perform 331 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 142.250.185.65 15169 (GOOGLE)
1 5 162.210.196.208 30633 (LEASEWEB-...)
10 104.26.5.103 13335 (CLOUDFLAR...)
2 2.16.238.159 20940 (AKAMAI-ASN1)
5 2.16.202.65 20940 (AKAMAI-ASN1)
49 151.101.65.44 54113 (FASTLY)
1 13.113.50.131 16509 (AMAZON-02)
2 69.16.175.10 20446 (STACKPATH...)
29 142.250.186.66 15169 (GOOGLE)
17 142.250.181.226 15169 (GOOGLE)
2 23.97.225.52 8075 (MICROSOFT...)
1 172.217.23.110 15169 (GOOGLE)
1 178.250.1.11 44788 (ASN-CRITE...)
3 7 192.96.203.13 30633 (LEASEWEB-...)
1 142.250.185.163 15169 (GOOGLE)
1 3 91.228.74.166 16509 (AMAZON-02)
1 172.64.103.25 13335 (CLOUDFLAR...)
2 142.250.185.168 15169 (GOOGLE)
2 2.16.241.77 20940 (AKAMAI-ASN1)
1 108.138.7.39 16509 (AMAZON-02)
16 185.106.33.48 200478 (TABOOLA-AS)
1 18.66.97.52 16509 (AMAZON-02)
4 142.250.185.174 15169 (GOOGLE)
1 64.233.167.157 15169 (GOOGLE)
1 142.250.186.138 15169 (GOOGLE)
3 3 23.212.211.47 16625 (AKAMAI-AS)
6 88.221.169.246 16625 (AKAMAI-AS)
2 3 142.250.186.130 15169 (GOOGLE)
1 34.120.96.193 396982 (GOOGLE-CL...)
2 21 141.226.228.48 200478 (TABOOLA-AS)
3 52.198.195.5 16509 (AMAZON-02)
7 7 15.197.193.217 16509 (AMAZON-02)
3 4 54.217.214.211 16509 (AMAZON-02)
6 7 35.156.62.67 16509 (AMAZON-02)
4 4 3.122.46.227 16509 (AMAZON-02)
2 3.233.145.252 14618 (AMAZON-AES)
3 3 3.75.62.37 16509 (AMAZON-02)
3 216.58.206.33 15169 (GOOGLE)
1 142.250.186.65 15169 (GOOGLE)
3 6 69.173.144.165 26667 (RUBICONPR...)
2 142.250.184.194 15169 (GOOGLE)
2 99.86.91.74 16509 (AMAZON-02)
18 216.58.212.161 15169 (GOOGLE)
1 151.101.193.44 54113 (FASTLY)
6 8 69.173.144.138 26667 (RUBICONPR...)
1 1 69.173.158.64 26667 (RUBICONPR...)
2 4 52.46.128.147 16509 (AMAZON-02)
2 4 67.220.228.200 16509 (AMAZON-02)
6 9 172.217.18.2 15169 (GOOGLE)
1 13.107.42.14 8068 (MICROSOFT...)
6 142.250.186.132 15169 (GOOGLE)
1 1 124.146.215.52 2514 (INFOSPHER...)
2 2 52.57.87.82 16509 (AMAZON-02)
1 185.86.138.150 201081 (SMARTADSE...)
10 185.64.191.210 62713 (AS-PUBMATIC)
1 2 216.52.2.86 30282 (AS-INAPCD...)
1 208.93.169.131 46244 (WEBMD-IDC...)
1 185.86.139.93 201081 (SMARTADSE...)
2 2 178.250.1.9 44788 (ASN-CRITE...)
1 162.19.138.120 16276 (OVH)
1 1 35.210.239.72 19527 (GOOGLE-2)
3 4 35.244.159.8 15169 (GOOGLE)
1 2 76.223.111.18 16509 (AMAZON-02)
2 2 54.166.70.66 14618 (AMAZON-AES)
1 82.145.213.8 39832 (NO-OPERA)
1 151.101.129.44 54113 (FASTLY)
1 141.226.224.32 ()
4 35.186.215.140 15169 (GOOGLE)
4 4 46.228.174.117 56396 (AMOBEE)
2 2 46.228.164.11 56396 (AMOBEE)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 23.36.224.187 16625 (AKAMAI-AS)
2 172.217.16.130 15169 (GOOGLE)
1 198.47.127.19 62713 (AS-PUBMATIC)
2 87.248.119.252 34010 (YAHOO-IRD)
2 87.248.100.137 ()
2 188.125.72.139 ()
1 1 193.0.160.131 ()
5 198.47.127.205 ()
1 213.155.156.168 ()
2 2 37.252.173.215 ()
1 1 85.114.159.118 ()
1 2 151.101.2.49 ()
1 72.251.245.179 ()
2 2 37.157.6.254 ()
2 185.64.190.81 ()
1 1 3.65.77.190 ()
2 2 63.215.202.137 ()
2 2 98.98.134.241 ()
331 71
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
cdn.ampproject.org
5    162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
10    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    2.16.238.159 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-159.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    2.16.202.65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-65.deploy.static.akamaitechnologies.com
cdn.adpushup.com
49    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
match.taboola.com
vidstatb.taboola.com
1    13.113.50.131 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-50-131.ap-northeast-1.compute.amazonaws.com
nt.compass-fit.jp
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
29    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
17    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
2    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net
fundingchoicesmessages.google.com
1    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
agent.aralego.com
1    142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
d-40685177173055300122.ampproject.net
3    91.228.74.166 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    172.64.103.25 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
2    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
2    2.16.241.77 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-77.deploy.static.akamaitechnologies.com
dmp.im-apps.net
1    108.138.7.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-39.fra56.r.cloudfront.net
l.logly.co.jp
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
1    18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net
rules.quantcount.com
4    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.google-analytics.com
1    64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net
stats.g.doubleclick.net
1    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
3    23.212.211.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-211-47.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads.g.doubleclick.net
1    34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com
audiencedata.im-apps.net
21    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
sync-t1.taboola.com
am-wf.taboola.com
3    52.198.195.5 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
sync.logly.co.jp
7    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    54.217.214.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-214-211.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
7    35.156.62.67 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-62-67.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    3.122.46.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-46-227.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    3.233.145.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-252.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
3    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net
26a913cfa320d0f204fd1581ad0e5bf0.safeframe.googlesyndication.com
8a90b2bd4764c30f3c7245686ebb31fa.safeframe.googlesyndication.com
72c64af70e5eb37bb8d4e610b6a77eac.safeframe.googlesyndication.com
1    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
ab1d08d97462a9db334f967904413160.safeframe.googlesyndication.com
6    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
2    99.86.91.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-74.cdg50.r.cloudfront.net
adx.holmesmind.com
18    216.58.212.161 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f161.1e100.net
tpc.googlesyndication.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
8    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
4    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    67.220.228.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
9    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
cm.g.doubleclick.net
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com
1    124.146.215.52 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    52.57.87.82 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-87-82.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
10    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu
id5-sync.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    54.166.70.66 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-70-66.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    82.145.213.8 (South Africa)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (None, )

ASN- ()
cds.taboola.com
4    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    23.36.224.187 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-224-187.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
www.googletagservices.com
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    87.248.119.252 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com
s.yimg.com
2    87.248.100.137 (None, )

ASN- ()
ads.yap.yahoo.com
2    188.125.72.139 (None, )

ASN- ()
geo.yahoo.com
1    193.0.160.131 (None, )

ASN- ()
p.rfihub.com
5    198.47.127.205 (None, )

ASN- ()
image2.pubmatic.com
1    213.155.156.168 (None, )

ASN- ()
d5p.de17a.com
2    37.252.173.215 (None, )

ASN- ()
ib.adnxs.com
1    85.114.159.118 (None, )

ASN- ()
dsp.adfarm1.adition.com
2    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    72.251.245.179 (None, )

ASN- ()
cm.adgrx.com
2    37.157.6.254 (None, )

ASN- ()
c1.adform.net
2    185.64.190.81 (None, )

ASN- ()
image4.pubmatic.com
simage4.pubmatic.com
1    3.65.77.190 (None, )

ASN- ()
sonata-notifications.taptapnetworks.com
2    63.215.202.137 (None, )

ASN- ()
pubmatic-match.dotomi.com
2    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
89 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 861
trc.taboola.com — Cisco Umbrella Rank: 616
vidstat.taboola.com — Cisco Umbrella Rank: 2544
il-trc-events.taboola.com — Cisco Umbrella Rank: 18940
images.taboola.com — Cisco Umbrella Rank: 1756
imprammp.taboola.com — Cisco Umbrella Rank: 13588
am-match.taboola.com — Cisco Umbrella Rank: 13614
wf.taboola.com — Cisco Umbrella Rank: 2645
am-vid-events.taboola.com — Cisco Umbrella Rank: 12767
sync.taboola.com — Cisco Umbrella Rank: 1093
sync-t1.taboola.com — Cisco Umbrella Rank: 1328
match.taboola.com — Cisco Umbrella Rank: 5811
pips.taboola.com — Cisco Umbrella Rank: 1537
cds.taboola.com
vidstatb.taboola.com — Cisco Umbrella Rank: 4741
am-wf.taboola.com
1 MB
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 130
26a913cfa320d0f204fd1581ad0e5bf0.safeframe.googlesyndication.com
ab1d08d97462a9db334f967904413160.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
8a90b2bd4764c30f3c7245686ebb31fa.safeframe.googlesyndication.com
72c64af70e5eb37bb8d4e610b6a77eac.safeframe.googlesyndication.com
548 KB
30 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204
stats.g.doubleclick.net — Cisco Umbrella Rank: 114
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 239
776 KB
24 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155
eus.rubiconproject.com — Cisco Umbrella Rank: 618
token.rubiconproject.com — Cisco Umbrella Rank: 613
pixel.rubiconproject.com — Cisco Umbrella Rank: 380
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30277
43 KB
20 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 763
ads.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 767
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
31 KB
12 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 34825
sync.aralego.com — Cisco Umbrella Rank: 3157
agent.aralego.com — Cisco Umbrella Rank: 259927
7 KB
11 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466
ups.analytics.yahoo.com — Cisco Umbrella Rank: 321
ads.yap.yahoo.com
geo.yahoo.com
5 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 427
219 KB
10 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 13254
163 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 319
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1121
5 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 350
2 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 379
3 KB
7 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1659
www.google.com — Cisco Umbrella Rank: 3
13 KB
7 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 18007
e3.adpushup.com — Cisco Umbrella Rank: 18875
277 KB
4 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 96246
39 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 716
1 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1139
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 58
480 B
4 logly.co.jp
l.logly.co.jp — Cisco Umbrella Rank: 62021
sync.logly.co.jp — Cisco Umbrella Rank: 67250
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 590
2 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 26212
audiencedata.im-apps.net — Cisco Umbrella Rank: 28818
3 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1273
pixel.quantserve.com — Cisco Umbrella Rank: 1017
cms.quantserve.com — Cisco Umbrella Rank: 802
10 KB
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 417
dis.criteo.com — Cisco Umbrella Rank: 623
1 KB
2 sitescout.com
pixel-sync.sitescout.com
938 B
2 dotomi.com
pubmatic-match.dotomi.com
743 B
2 adform.net
dmp.adform.net Failed
c1.adform.net
1 KB
2 everesttech.net
sync-tm.everesttech.net
768 B
2 adnxs.com
ib.adnxs.com
2 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 561
60 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 213
113 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 514
722 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 912
952 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 764
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 403
740 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1006
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 823
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 689
670 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 2950
633 B
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 973736
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1196
916 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9286
505 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
83 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 743
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 29387
12 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
347 B
1 adgrx.com
cm.adgrx.com
283 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 de17a.com
d5p.de17a.com
125 B
1 rfihub.com
p.rfihub.com
795 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
453 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1818
467 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 6565
236 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 423
1 KB
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 554
882 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1129
731 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 384
514 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 79
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1198
632 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 20002
3 KB
1 ampproject.net
d-40685177173055300122.ampproject.net
1 compass-fit.jp
nt.compass-fit.jp — Cisco Umbrella Rank: 88617
17 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
14 KB
0 bidtheatre.com Failed
match.adsby.bidtheatre.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
0 weborama.fr Failed
cr.frontend.weborama.fr Failed
0 crwdcntrl.net Failed
sync.crwdcntrl.net Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 ctnsnet.com Failed
ipac.ctnsnet.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 mediago.io Failed
trace.mediago.io Failed
331 73
Domain Requested by
29 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
19 cdn.taboola.com www.bg3.co
cdn.taboola.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
17 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
cdn.aralego.net
agent.aralego.com
www.bg3.co
www.googletagservices.com
16 il-trc-events.taboola.com www.bg3.co
14 images.taboola.com www.bg3.co
13 sync.taboola.com 2 redirects imprammp.taboola.com
am-match.taboola.com
www.bg3.co
ads.pubmatic.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 simage2.pubmatic.com www.bg3.co
ads.pubmatic.com
10 cdn.aralego.net www.bg3.co
ads.aralego.com
adx.holmesmind.com
agent.aralego.com
9 cm.g.doubleclick.net 6 redirects www.bg3.co
8 pixel.rubiconproject.com 6 redirects www.bg3.co
7 x.bidswitch.net 6 redirects www.bg3.co
7 match.adsrvr.org 7 redirects
7 trc.taboola.com cdn.taboola.com
imprammp.taboola.com
am-match.taboola.com
www.bg3.co
6 www.google.com tpc.googlesyndication.com
6 token.rubiconproject.com 3 redirects eus.rubiconproject.com
6 eus.rubiconproject.com ads.aralego.com
nt.compass-fit.jp
eus.rubiconproject.com
5 image2.pubmatic.com ads.pubmatic.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
5 ads.aralego.com 1 redirects ads.aralego.com
agent.aralego.com
4 ad.sitemaji.com adx.holmesmind.com
securepubads.g.doubleclick.net
4 u.openx.net 3 redirects www.bg3.co
4 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects www.bg3.co
4 rtb.mfadsrvr.com 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 www.google-analytics.com cdn.ampproject.org
www.bg3.co
www.googletagmanager.com
4 sync.aralego.com ads.aralego.com
www.bg3.co
eus.rubiconproject.com
3 sync.1rx.io 3 redirects
3 agent.aralego.com 3 redirects ad.sitemaji.com
3 ups.analytics.yahoo.com 3 redirects
3 sync-t1.taboola.com imprammp.taboola.com
www.bg3.co
3 sync.logly.co.jp nt.compass-fit.jp
eus.rubiconproject.com
sync.logly.co.jp
3 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
3 secure-assets.rubiconproject.com 3 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 c1.adform.net 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ib.adnxs.com 2 redirects
2 geo.yahoo.com adx.holmesmind.com
s.yimg.com
2 ads.yap.yahoo.com s.yimg.com
2 s.yimg.com ad.sitemaji.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 ads.pubmatic.com am-match.taboola.com
ads.pubmatic.com
2 creativecdn.com 2 redirects
2 ad.turn.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 eb2.3lift.com 1 redirects www.bg3.co
2 dis.criteo.com 2 redirects
2 ce.lijit.com 1 redirects www.bg3.co
2 ih.adscale.de 2 redirects
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 dmp.im-apps.net nt.compass-fit.jp
dmp.im-apps.net
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 e3.adpushup.com www.bg3.co
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 simage4.pubmatic.com ads.pubmatic.com
1 am-wf.taboola.com vidstat.taboola.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 d5p.de17a.com ads.pubmatic.com
1 p.rfihub.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 72c64af70e5eb37bb8d4e610b6a77eac.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 8a90b2bd4764c30f3c7245686ebb31fa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 vidstatb.taboola.com www.bg3.co
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t.adx.opera.com www.bg3.co
ads.pubmatic.com
1 match.taboola.com www.bg3.co
1 u.ipw.metadsp.co.uk 1 redirects
1 id5-sync.com www.bg3.co
1 rtb-csync.smartadserver.com www.bg3.co
1 bh.contextweb.com www.bg3.co
1 ssbsync.smartadserver.com www.bg3.co
1 tg.socdm.com 1 redirects
1 px.ads.linkedin.com www.bg3.co
1 pixel-apac.rubiconproject.com 1 redirects
1 ab1d08d97462a9db334f967904413160.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 26a913cfa320d0f204fd1581ad0e5bf0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 audiencedata.im-apps.net dmp.im-apps.net
1 fonts.googleapis.com cdn.taboola.com
1 stats.g.doubleclick.net cdn.ampproject.org
1 rules.quantcount.com secure.quantserve.com
1 l.logly.co.jp nt.compass-fit.jp
1 amp.analytics-debugger.com cdn.ampproject.org
1 secure.quantserve.com cdn.adpushup.com
1 d-40685177173055300122.ampproject.net cdn.ampproject.org
1 gum.criteo.com cdn.taboola.com
1 fundingchoicesmessages.google.com cdn.adpushup.com
1 nt.compass-fit.jp www.bg3.co
1 www.bg3.co
0 match.adsby.bidtheatre.com Failed ads.pubmatic.com
0 um.simpli.fi Failed ads.pubmatic.com
0 dmp.adform.net Failed ads.pubmatic.com
0 cr.frontend.weborama.fr Failed ads.pubmatic.com
0 sync.crwdcntrl.net Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 csync.loopme.me Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ads.pubmatic.com
0 trace.mediago.io Failed www.bg3.co
0 static.bg3.co Failed www.bg3.co
331 121
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
cdn.adpushup.com
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.compass-fit.jp
GlobalSign RSA OV SSL CA 2018		 2023-04-11 -
2024-05-12		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-13		 a year crt.sh
*.logly.co.jp
Amazon RSA 2048 M02		 2023-04-05 -
2024-05-04		 a year crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
audiencedata.im-apps.net
GTS CA 1D4		 2023-06-08 -
2023-09-06		 3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.adx.opera.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-22 -
2024-06-20		 a year crt.sh
feebee.com.tw
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-03 -
2023-08-23		 2 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-03 -
2023-08-23		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-02 -
2023-10-25		 6 months crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-30 -
2023-12-30		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh

This page contains 56 frames:

Primary Page: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Frame ID: FE1BF5E7CA0C71F335E4843563F85B1E
Requests: 140 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B458A6881CCD789BABE24A2BAD517975
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5E22A09AF24559EA46129CA7DE8EA00E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 723E8F599F108FE8146BA2C465783E09
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 9AB053D2F2BFE8DBB4C4C30ABF39B230
Requests: 11 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 38107FB7A69D971568536347CD91C2A9
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: B3B1A91A01AD2F182C0E528532E1DA83
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-491935379740991621&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2955&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=4541008550&ga_cid=amp-agW4eEHknI5vl4jbuKtc1g&ga_hid=8550&dt=1690662493905&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&bdt=1073&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: EEA2F21C928CD55CA94D56A3F29406E3
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690662494584&uv=3308&tms=1690662494584&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD!ul3310_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2a8f45b-1ed0-40d3-b16a-a8474b39c2e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 9BEB10DC96EC5D49FE31CE810AC2E8DD
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 875A7DB6174B0FA52DB28BE2FF28FBBA
Requests: 4 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: D4D9B5C8D65319261A5A242D294BCFF8
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: CD65F3F73B34CFBAED05832D6A674192
Requests: 4 HTTP requests in this frame

Frame: https://26a913cfa320d0f204fd1581ad0e5bf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 7B97A0EA24318AFFC91003861D6F01A7
Requests: 1 HTTP requests in this frame

Frame: https://ab1d08d97462a9db334f967904413160.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1416B99A2051F74D2DF489C941B92989
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 45A6CD3C8ACC56F5C866DAF6E4FFDA81
Requests: 5 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: A7049BEFFC7B57610819A79F0E219889
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E92A933C6F0BB3D869BCEAFF0BF8B2ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F89F0975A08FB15CEC766E8815E55595
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1FE64DEAB6AA64143DDAEB77CA2FF1B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 107DC0F133BBA92D705400614D5971DF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 560432F03E8CDC8E34392D88446A81E7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED251C4A8FC85673634A3C2987F79B8D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C8F64BCDC0C2EAEA8A8BB47F92314A7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 276624C9BF5033D5E63DA9A408DD0B61
Requests: 2 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMV2YcCo8YMAANUkDiMAAAAA
Frame ID: 45AEDCE94246C61D1CB9ED5F483A6756
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C09CDC6EE4F96745FFE8181D7DA93753
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3E57558A5BDCF59F0FF6747309B5F55F
Requests: 6 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4B70A3551B32893F46A758A4FC9BE931
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Frame ID: E5E945E71F1149EDB7BB4E6078F0B273
Requests: 19 HTTP requests in this frame

Frame: https://8a90b2bd4764c30f3c7245686ebb31fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: DADB5EB0EFFE7704FC78ABB3B1CC72A8
Requests: 1 HTTP requests in this frame

Frame: https://72c64af70e5eb37bb8d4e610b6a77eac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 15C93C4AE163267F550EC06689A63D97
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7c8YGH_Appj7wZDhRSg9rosWm1wXK-1HjfCIxzesK5jtT7oyPO_teOZHmryqqYAPYqnvVl6Ji1zhtvfuzosHOBIb5Gjej6kbRnDBN7e6StYJCLrf3CrUJBrty2tGpAwxkGDaK2mp0CczYvEYTHDuqoh396968GazsPfqsLlFUqWSSjh8Xf9OC2cfyT-TcXGQ8CQkLD2YEclG08Z4Dz4PrJlw8suG0Y3WHBK86UvXbucvnvp4C4w32WPEg98hXDmGX-ljvvMX2CnoGP-8bL03u-xIeHaGER3DNHrFufJGBsFb1K3nij5UHQYXGhArKhzqwwucVvSHDzkH9&sai=AMfl-YR8pT7qIYEtpgKsIRc5SgW6116CRv-Z4kaH5SA4d_XPoNz9n3MTAPDhHJs9NpbYOJHHAl4sSLEp_0nsPY6TH57Jtrv4Twkkcy5pig&sig=Cg0ArKJSzBT3iIpWZLbdEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0D259C53D3C2E0214DB3D7B0664EEEA9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4B83C001996CDBC079C438DF08C55661
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7481F5842B04B461C0B997EF873E074C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvENFxUO0hIn8WQaYlptp8qavyyql6WtunsSVhwDFgfgePTaqBQhkJqRNIHoo-stiotrziRZSUh8KuGGfAagFqAJHJZH2Drw-1hNBBfeII-V3dBD2qgLn1RV2IjBUCYQqBpOt9Wm6RAesizAuxuooL0IdISoyPrOkrtgY9mH8y5uxr332Lw-XJH9TeNhyiNgGnoMGPJePy6SC1ZsVPNiHg7HI1H0MGHIA1OlCGh2vBOw7xVrZ3v4RbzQRwqdRxn2zYP_vCWbTnCjOa7oaxj9Akag-kH0204bBuBoX-Id1yY9rN974zxh-uPDq0TnhLgkwtIEIzXQnZ6ffCj&sai=AMfl-YSXOAzBmG1jlhiqWvQAxekJfETV1yRfMLNYsbsh0QnMY7gK6ca69CseennOMaTtCx_brObZNdavrI-luvMG0-sC-YU4Dc8iisRUyQ&sig=Cg0ArKJSzCzJaUvqpg5dEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 78F67F7AE3EB68FD6D9DDD73A8C97E04
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1FBB1B6455A687B2D959718DD27C517C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 95A5B47153C22CF1CBD976D8C1284525
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829100500179
Frame ID: 6634AD1D245B0CA5D0ECB37222FD8B6E
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: B6D637B2EBEB4A5FDEC2EC3C28B3F5C8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 64842D00254E692B5077D44E76AF2D9C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&redir=true&gdpr=0&gdpr_consent=
Frame ID: ECF933E4AEDDC388643E6398EDCDBE86
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vQCd7LwCy7ymUJzh6gbTu7kFy-imVp29swEBjFdZ
Frame ID: ABC0F709A0601AB0C4EA68AC39E54FA6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=968244379336290942&gdpr=0&gdpr_consent=
Frame ID: 552317FA00E98406985B400A334C6FF4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261340150374463631&gdpr=0&gdpr_consent=
Frame ID: 65C65ADB336A1C7DED874715DC2105C3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibJxpZ-JWxpKSH8HagjfhFvN5sM&gdpr=0&gdpr_consent=
Frame ID: B2BD5D3967890766DF5964F438FBC18C
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 1D30EDBF2F9C2A3F0883C81F80B26820
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Frame ID: F589F664F0043B49E5515BCD78767129
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMV2ZQAEkkgX0ABY
Frame ID: 9A654E1CCB6577C5CA51F867BFBEE4B8
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 1235B1E6730C7650E658D303AB4A4B9E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 6A0B7AAC3402F8412B4A1B326DE441F3
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 760C3574AF19D530AA091B4B31F1899C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 7FD798309F873D6321145A55782A6286
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 07F9C147A53B3B9E0B9EC30B5CA0E0F6
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 8BFEBBA49D1EAB0590C9749708262788
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: B30F3EDF66F3B1D1B44E41E1316EBEFE
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&orig=video&us_privacy=1---
Frame ID: BFCD5E6C0408EE0775EBD52B33043453
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

悠遊聯名卡將採記名制 遺失不用再自認倒楣 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

331
Requests

75 %
HTTPS

0 %
IPv6

73
Domains

121
Subdomains

71
IPs

13
Countries

3797 kB
Transfer

11020 kB
Size

71
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 109
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 112
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 128
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Request Chain 130
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
Request Chain 131
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l5L45jlE2oQfoXrbq5UAyuPbLSeF.bfxjCy1Iw--~A
Request Chain 132
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0dc529a4-adc5-407c-9e86-900c65fed442&ssp=taboola&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Request Chain 139
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
Request Chain 140
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd?gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-52NgEqtE2oRAezkWGIWi00ox0ugT9tRTgG4QhQ--~A
Request Chain 141
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-QMKIuG5E2uH87SLwNIeKsTJ8N_A9LSbQ~A&gdpr_in_effect=0
Request Chain 154
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690662495&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690662494717&bpp=17&bdt=990&idt=348&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sa&correlator=6162315228152&frm=23&ife=1&pv=2&ga_vid=1135277556.1690662495&ga_sid=1690662495&ga_hid=1899537615&ga_fc=0&ga_cid=amp-agW4eEHknI5vl4jbuKtc1g&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2539613976&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759837%2C31076343%2C44788441&oid=2&pvsid=3378564622677880&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.my4afyxlatc9&fsb=1&dtd=388 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 160
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690662495&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690662494741&bpp=14&bdt=1000&idt=407&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sa&correlator=6162315228152&frm=23&ife=1&pv=1&ga_vid=1485912785.1690662495&ga_sid=1690662495&ga_hid=1973253402&ga_fc=0&ga_cid=amp-agW4eEHknI5vl4jbuKtc1g&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2142&biw=1600&bih=1200&isw=336&ish=280&ifk=2135817349&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076444%2C31076512%2C44788441&oid=2&pvsid=2561499019739910&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.rwvo9x482k6l&btvi=1&fsb=1&dtd=421 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 171
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKOGSQDZ-3-ED2T HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOGSQDZ-3-ED2T
Request Chain 172
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly&khaos=LKOGSQGA-W-IT7N HTTP 302
  • https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOGSQGA-W-IT7N
Request Chain 173
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZN0gDFeaQ2i-f82XZeuVNA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZN0gDFeaQ2i-f82XZeuVNA
Request Chain 174
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FIjw7A-cSJW5HEfBIJNcTQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FIjw7A-cSJW5HEfBIJNcTQ
Request Chain 175
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM2ZTY1M2VlODQ0MDExMTVlNDY0NjI4YWViODU4ZjFhN2VjYzUzOA
Request Chain 176
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LKOGSQGA-W-IT7N&ex=d-rubiconproject.com&status=ok
Request Chain 177
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtPR1NRR0EtVy1JVDdO HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHi9IuSS9O_8zMvflfY-Eg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPR1NRR0EtVy1JVDdO&google_push=
Request Chain 178
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOGSQGA-W-IT7N
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJaWj9yQcxNUy-V5-725zGA&google_cver=1
Request Chain 180
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=&expires=30
Request Chain 197
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMV2YcCo8YMAANUkDiMAAAAA
Request Chain 198
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=e7b19e4558b141d8a2c33506ad0490e0 HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=e7b19e4558b141d8a2c33506ad0490e0
Request Chain 200
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOGSQGA-W-IT7N
Request Chain 201
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-SvDXr59E2oRtTN0CK2T4h8MDjNM9nIejv_PgUg--~A
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJHNGQq5-8M7KOdSWDjuDTc&google_cver=1
Request Chain 205
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
Request Chain 206
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
Request Chain 207
  • https://ce.lijit.com/merge?pid=42&3pid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Request Chain 210
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7ffabb06-d983-4a97-a752-e871b6e8cf36
Request Chain 212
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0
Request Chain 213
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=fad5c2eb-8327-428c-bcef-9e7602da2817 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=fad5c2eb-8327-428c-bcef-9e7602da2817&tbid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&query=taboola_hm%3Dfad5c2eb-8327-428c-bcef-9e7602da2817&isDirect=0
Request Chain 214
  • https://u.openx.net/w/1.0/sd?id=543998486&val=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent=
Request Chain 215
  • https://eb2.3lift.com/xuid?mid=7772&xuid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Request Chain 216
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
Request Chain 218
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=76073804-beb2-08c1-0de8-5240c144bcff
Request Chain 235
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 236
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 251
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola&zcc=1&cb=1690662499095 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6741284012 HTTP 302
  • https://sync.1rx.io/usersync/turn/2355267517082634137?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6e5fd2fc-6824-4845-be29-f2e3f8c45d3d-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D HTTP 302
  • https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Request Chain 252
  • https://creativecdn.com/cm-notify?pi=taboola HTTP 302
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1 HTTP 302
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=llV2ZmVhoA2yewaWt7Oj&pi=taboola&tc=1
Request Chain 287
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829100500179
Request Chain 289
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 291
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vQCd7LwCy7ymUJzh6gbTu7kFy-imVp29swEBjFdZ
Request Chain 292
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=968244379336290942&gdpr=0&gdpr_consent=
Request Chain 293
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261340150374463631&gdpr=0&gdpr_consent=
Request Chain 294
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibJxpZ-JWxpKSH8HagjfhFvN5sM&gdpr=0&gdpr_consent=
Request Chain 297
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMV2ZQAEkkgX0ABY
Request Chain 306
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ddj-Ipj5T_-h743TlIpGcQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 309
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2VtYTVMTktVVVlUOWFyLUxMR3R1QTdhZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVEOEZFMjItOThGOS00RkZGLUExRUYtOEREMzk0OEE0Njcx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEbJiMDwbKl_5zFkmGivJms&google_cver=1
Request Chain 313
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4557570919883808046
Request Chain 314
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=
Request Chain 316
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0CiNqKxE2uUtrwCTvyeUDrAlbABnGAA-~A&gdpr=0
Request Chain 317
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_9f1af562-b244-4186-964a-de9835d4fb14&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 318
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=e58dd153197197b&is_secure=true&networkId=17100&version=1&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALGSFrVDgMbgNPb4nsAAAAAAA&expiration=1690748900&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 319
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355267517082634137&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 320
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a8dc93f-e62f-4ffb-bec6-500b4f75b0c8-64c57665-5858&gdpr=0&gdpr_consent=
Request Chain 326
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk

331 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
www.bg3.co/a/ 		51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1aaf025f639a470b07578e4d8ff25534d985e0a1b823e48adcd03d565461b76f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 29 Jul 2023 20:28:12 GMT
etag
"ca26-A7bbz2RUYde2Q34LzZ9O8SBnZM0"
expires
Sat, 29 Jul 2023 20:43:12 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 29 Jul 2023 20:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72978
x-xss-protection
0
server
sffe
etag
"c0980513e2e94248"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Jul 2023 20:28:13 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 29 Jul 2023 20:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9690
x-xss-protection
0
server
sffe
etag
"bf0e1f4c4e9c9147"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Jul 2023 20:28:13 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 29 Jul 2023 20:28:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7621
x-xss-protection
0
server
sffe
etag
"87192053f7ea25a5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 29 Jul 2023 20:28:13 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1078
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsRxrBB6p6Eugj4CNOIQyt5PkAf%2B3P9rz0i5OSXYg%2F9FBR%2BGmQ0m5WveDGAlzfjpNhZono192Gt3Av2gKXxXcq11rmGfExfzfvsh%2BpZ2gZpF9TcKSiT7R9v6d%2FjX8zB5Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee81b69181a03d2-LIS

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.159 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-159.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
PT
date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
last-modified
Sat, 29 Jul 2023 07:00:27 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
PT
content-length
10988
expires
Sat, 29 Jul 2023 21:28:13 GMT
adpushup.js
cdn.adpushup.com/42753/ 		650 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
b8a6b67b95245dbbe4fddb8aa4395636d755750b2affdf62f2256bc5cc3b2b93

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
PT
date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
last-modified
Sat, 29 Jul 2023 11:30:26 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="469628_34654781_537146544_1267_1677_45_0_146";dur=1
x-cf-geodata
PT
content-length
139375
expires
Sat, 29 Jul 2023 21:28:13 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		399 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86195014b2476ea609c147c86ffca7082fb59d5c2cd9d1d67f8706b93ec5164e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qW6d.Zg4BbVWBfaFJZoMUUWX9JUTZqmW
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:13 GMT
x-amz-request-id
DS1TP15HDKMW2JQT
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
49034
x-amz-id-2
d0y+ph5a8d4xokFaHr0ecUE+ih/yiyBXKRRRVxMVZn2g4/nPF5QOEcdVJYrIZHbvpXzrq3VGGs4=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 27 Jul 2023 19:47:14 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662493.970434,VS0,VE209
etag
"746b1af5916b0fc93a132e8906d5cb48"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
lift_widget.js
nt.compass-fit.jp/ 		78 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.50.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-50-131.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
04a4da74868876d08873ac8dfa79b120cc7614ba36031cef19e655588ae6cbfe

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type
text/javascript
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-14e98"
surrogate-control
max-age=315360000;hw-h2proxy
vary
Accept-Encoding
x-hw
1690662493.cdn4-pxy026-mad02.ma1.evs,1690662493.cds035.ma1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000,public
accept-ranges
bytes
content-length
29880
2b8b4ecb3b1cb55363901b8a176686b8.jpg
static.bg3.co/imgs/202105/ 		0
0
f5ea085274908fd0a3878df4278663e7.jpg
static.bg3.co/imgs/202105/ 		0
0
02dcdf68c81501029fa1b6e468ce0905.jpg
static.bg3.co/imgs/202105/ 		0
0
51342a488381ca61e86428b650f40475.jpg
static.bg3.co/imgs/202105/ 		0
0
a6b823deb358b4ad4afd5bea617848e3.jpg
static.bg3.co/imgs/202106/ 		0
0
752b7d2ac71d9233c4b5a47a014b3aa4.jpg
static.bg3.co/imgs/202105/ 		0
0
2390823954f202a91068b11a95b987fb.jpg
static.bg3.co/imgs/202105/ 		0
0
c384fb3bac808cc700dcdcbb5f12bd8c.jpg
static.bg3.co/imgs/202105/ 		0
0
fbde1a3f949f8d8990624f85ecc6774e.jpg
static.bg3.co/imgs/202105/ 		0
0
ea700ea2d53f67801c0691f5eb5ad8e4.jpg
static.bg3.co/imgs/202105/ 		0
0
5679d32d0b8b4b34035d459fcb2a7b80.jpg
static.bg3.co/imgs/202105/ 		0
0
f21bcbfdb2adcf8614966cf76987457b.jpg
static.bg3.co/imgs/202105/ 		0
0
12016a8614d70f1881ec43a9b74ad017.jpg
static.bg3.co/imgs/202106/ 		0
0
c3393d50b4fa27a1914d2552f66416a7.jpg
static.bg3.co/imgs/202105/ 		0
0
c7fb89a1517986682f9cb4ebc504aaa2.jpg
static.bg3.co/imgs/202105/ 		0
0
b673493b78a256bbaf4174276ed7d55d.jpg
static.bg3.co/imgs/202105/ 		0
0
218a15524fc5be8b6179620e81cb5630.jpg
static.bg3.co/imgs/202105/ 		0
0
ec95270e3e7da2d4b3b0f97c8fe65486.jpg
static.bg3.co/imgs/202105/ 		0
0
0fcb057975ed80f76443b1fb9dd719f6.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012307150128000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 04:17:43 GMT
age
144630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3031
x-xss-protection
0
server
sffe
etag
"ab4976f290799864"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 04:17:43 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012307150128000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 19:22:22 GMT
age
90351
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23158
x-xss-protection
0
server
sffe
etag
"79cbf92139ba05f8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 19:22:22 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
822 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
354870399cd25b9a3e2d93b89ab95c7d37b034d9a813a3508eebeba38b09330b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
474
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012307150128000/v0/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 09:03:00 GMT
age
127513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4005
x-xss-protection
0
server
sffe
etag
"41886e59cfb0dca0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 09:03:00 GMT
impl.20230727-9-RELEASE.js
cdn.taboola.com/libtrc/ 		790 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
P1Qu3yvrKOHpC36FNk8YMgJiSiUmC7do
content-encoding
br
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:13 GMT
x-amz-request-id
X4B0JKW6XD1YSF26
age
10485
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
167336
x-amz-id-2
Ii3mZxmi9aSA4aLZKcX/lz754Pb8COUr5Y9YE7Zy2x/HQBaPeRygA4CdMv3NXyU0eZXwDHCnOJY=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 27 Jul 2023 09:32:23 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662493.335894,VS0,VE0
etag
"5315a99ad6ffedb46c02101d15c92185"
vary
Accept-Encoding
content-type
application/javascript
abp
90
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
10708
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
surrogate-control
max-age=315360000;hw-h2proxy
vary
Accept-Encoding
x-hw
1690662493.cdn4-pxy026-mad02.ma1.evs,1690662493.cds208.ma1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000,public
accept-ranges
bytes
content-length
30875
block.jpg
delivery.adrecover.com/ 		631 B
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1690662493394
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.238.159 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-159.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
PT
date
Sat, 29 Jul 2023 20:28:13 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Sat, 29 Jul 2023 21:28:13 GMT
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
PT
date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=16, origin; dur=0, ak_p; desc="469628_34654781_537147020_1748_1537_41_0_146";dur=1
content-length
122286
expires
Sun, 28 Jul 2024 20:28:13 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
PT
date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=57, ak_p; desc="469628_34654781_537147022_5759_1989_41_0_146";dur=1
content-length
211
expires
Sun, 28 Jul 2024 20:28:13 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
PT
date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=42, origin; dur=0, ak_p; desc="469628_34654781_537147021_4300_1997_41_0_146";dur=1
content-length
18371
expires
Sat, 29 Jul 2023 21:28:13 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
90272552cc714c842df1bc17bf5b899eec2263a7eda39b1718460b49413adf93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27973
x-xss-protection
0
server
cafe
etag
984 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:13 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTA2NjI0OTM0NzYsInBhY2tldElkIjoiMDAwMEE3MDEtZjc2ZDc1NDEtYWUwNS00ZWQzLWI5MzQtYmUzZmQ2Zjc5ODg1Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3lvdS15b3UtbGlhbi1taW5nLXFpYS1qaWFuZy1jYWktamktbWluZy16aGkteWktc2hpLWJ1LXlvbmctemFpLXppLXJlbi1kYW8tbWVpLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IlBUIn0%3D&c_b=1970
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:13 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
fundingchoicesmessages.google.com/f/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f110.1e100.net
Software
ESF /
Resource Hash
19a95ba9c933d2d3798025717a189d2f87680fc882f2fb956b272b59fe97d706
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7AMI7-8gN8QBoyQtG6jpiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7AMI7-8gN8QBoyQtG6jpiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
275708
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		72 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=20%3A28%3A13.526&lti=deflated&data=%7B%22id%22%3A459%2C%22ii%22%3A%22%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690487230568%2C%22vi%22%3A1690662493521%2C%22cv%22%3A%2220230727-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html%22%2C%22vpi%22%3A%22%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3045%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1838%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5cadff2350fc773eb3b6a411312da427b6fb32db569f2ba7769f4aac55091dc0

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
517
date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
108234
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-lis1490045-LIS
server
nginx
x-timer
S1690662494.558303,VS0,VE517
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012307150128000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 19:41:21 GMT
age
89212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10402
x-xss-protection
0
server
sffe
etag
"c578ba47d9485b23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 19:41:21 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012307150128000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Jul 2023 13:19:18 GMT
age
25735
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57626
x-xss-protection
0
server
sffe
etag
"3e8e186b2ecc0e4f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Jul 2024 13:19:18 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
866
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wcgtEThHpWW61KKgxeEBxrDpUqLKwiFxkcrj07Hn%2Bb0%2FOz0KM6%2FmIpsLLIP%2F5a0oJJlTyVT1K8CMiVAPf%2BHyZwcx2wqjVTpsEW7ZprNcK9l6DEJLUdTa3zxoYlB6dPx55Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7ee81b69e99403d2-LIS
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 20:28:14 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 20:28:14 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.36393923196335076&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7760126581765787&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
564
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012307150128000/v0/ 		110 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Jul 2023 12:51:26 GMT
age
200207
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32157
x-xss-protection
0
server
sffe
etag
"908a1aa3777c50a9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 26 Jul 2024 12:51:26 GMT
nameframe.html
d-40685177173055300122.ampproject.net/2307150128000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-40685177173055300122.ampproject.net/2307150128000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 05 Aug 2023 20:28:14 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 		386 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
557
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125535
x-xss-protection
0
server
cafe
etag
10403599952857238940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Jul 2024 20:18:56 GMT
googleanalytics.json
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 		2 KB
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 28 Jul 2023 05:12:27 GMT
age
141346
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"c5b3128fd0184624"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jul 2024 05:12:27 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.103.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 29 Jul 2023 20:27:34 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32ZGn4K3Zbpb%2FyoxtSjX5ym666YOccrRTrpFjr4OycMSoHNlZPo6YXMsyMtxOlbWCjA6X44Y2It4vRvtGo2iqbPn%2FkM0wh89nDFgiS8vS4YMXQ%2B0B3xgOPA0B1QFh7AwsgPYKxKGmYG%2BOs9yhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
7ee81b6bfbe02fa7-MAD
gtag.json
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 27 Jul 2023 21:10:33 GMT
age
170260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"abaaf95b36ef21fc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 26 Jul 2024 21:10:33 GMT
amp
www.googletagmanager.com/gtag/ 		684 B
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/ 		633 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/javascript
date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
gzip
cache-control
private, no-store
content-length
445
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
lift.json
l.logly.co.jp/ 		0
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MDY2MjQ5M18xXzY4ZDNmNmM5NzNmNg%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&ref=
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 20:28:14 GMT
Via
1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA56-P6
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id
Q68eHsoY9QQJ9v8J4dPPBEhX3H2QLLed9GtlGc-C9Hb-glesqzhYPw==
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
em-items-corner-0px.js
cdn.taboola.com/ui-ab-tests/em-items-corner-0px/ 		0
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/em-items-corner-0px/em-items-corner-0px.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
QyY.nkPk1.ve5PsXMkXjouL3Sxtk2NDO
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish
x-amz-request-id
A5XG7X33XTHNYTQG
age
539
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
0
x-amz-id-2
kxvqkGit4jcUgAGbsf09rb/e+msovgLsOgOkg/mmwePBt9lc/Wu4GYU/TSn6JyTNrdniKThJwwg=
x-served-by
cache-lis1490045-LIS
last-modified
Tue, 09 May 2023 11:30:18 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.141983,VS0,VE0
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
application/x-javascript
abp
79
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
48
em-items-corner-0px.css
cdn.taboola.com/ui-ab-tests/em-items-corner-0px/ 		67 B
460 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/ui-ab-tests/em-items-corner-0px/em-items-corner-0px.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6d1a486fb7bf4bf3652ed47683e0564b1d331a8972766b017eb442f6fc743a73

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
NSq6c0QHyRJqoEbbnjUa.rSb9Jx8_u7V
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
H3FV714KE1GGB3M9
age
539
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
84
x-amz-id-2
w5UjcMA5ppLUml2Sk0TH+xEbLkVqbKV8CKriXZsexugH2UVntiNhIPxIqMG8jDSP7L73HCTth28=
x-served-by
cache-lis1490045-LIS
last-modified
Tue, 09 May 2023 11:30:16 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.141977,VS0,VE0
etag
"5d09465519f94b2d5c15d28243828d62"
vary
Accept-Encoding
content-type
text/css
abp
54
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
47
floating-unit.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2WpsNJPH90OEarkKvUMMzuZQVO1eXe0c
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
89348555ENNQ5BRJ
age
129943
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
1dv1MAO5+4eIED5nDTXSTjZLIZD/IPhV0l+lvkGy303InP8/E9yc13FBCt0zbdNelLDscTZZCEY=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:32 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.146950,VS0,VE0
etag
"0ad8e98b8638363eab678bed577a126f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15420
taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
EsUuvtHarpCPXN.nV8SaiI8VppZ9XOJk
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
CMEPE7V7W0B50E6X
age
129923
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8011
x-amz-id-2
bp5+nywS1GOwWQX3uXlUPzmrxZ0CvSoYWyRElSyaHzVUDgJ8CGFsb4g+159bhw1mU/Q117ql++4=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:51 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.147362,VS0,VE0
etag
"8295deef603701ecd7b23f274d2080a4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12023
distance-from-article.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1vvwwDTlPsd_L_mk.c.m0Gs4b.AYuRGy
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
K2HAD3T3QDDTMT1T
age
129953
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
N8fi51bS727oij14LR6YIinBTgoIGyOJcJurAiZ3jJHRam4lDR5zKMoegIvhTN5e3rvBNwgFg0c=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:21 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.156828,VS0,VE0
etag
"8db15f3ca0ef2fc76b365691189d41f2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
97658
article-detection.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
N2PN0vAaorPUvvk19oD9RRrFc_2r5gn2
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
9NPTPFWBTHQJ8GH5
age
129960
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1271
x-amz-id-2
P6IBUah74BV9ysEiIEmVH56hVVgzvNU/zHlqK88eZZu+mMEuFXjnHOcD4hVfIq2mKrHRYB8UZbo=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:14 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.156958,VS0,VE0
etag
"2ddb5ce84174e516dfa7d41f580c44f5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
97662
article-and-feed-area-scanner.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
feff14ae38fc7613f73173ce4bf6b37b28aa8e50516acc0dbd03d09c8240ff72

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rXyqmoy1ZF42AheOvlUGOFy9dwpBIBSI
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
KMZYPC7JN9P5KR3Q
age
129962
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1154
x-amz-id-2
h/qBI6sew/aQreesANqZcJIse/qL2581y8mKX0i+Sp4R5ELtgOp4tO/fIR2yAvc3JAo/cg52gMM=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:12 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.156961,VS0,VE0
etag
"9679b8aff2d5ba1013a38855f70246d6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
44
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
22321
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.1.6/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 9286764bc0c8327719870fa33a225c9a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
LIS50-C1
age
206679
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35355
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 27 Jul 2023 11:02:49 GMT
server
AmazonS3
x-timer
S1690662494.158304,VS0,VE0
etag
"23fd6bc627e1f80544a173529f6c0abc"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
20IPOPP-LHgPz2jF0Ol30SqS7QgTJOXsGvlKAmpauBDpL4IOseRg_w==
x-cache-hits
6412
feed-card-placeholder.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
a.CizdY4YDhEJzwYaj_09BYotzDpxcBZ
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
6WQYS0JCZ4JTDEXT
age
129948
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
5kd2HbuXukqocjxeh6Qj57dzAmwWh6lNXEBHFJKchq9PlBMcCtwvcXPFnzxrHf1YPTv2XYZpOtM=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.158808,VS0,VE0
etag
"d72141d67c328c0ef8b577abb34b370d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
19
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
72601
userx.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
j22NuxXuWQwv5r2dKtahcQk41KlcTitX
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
M440Q6EGRHVC668Y
age
129920
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
a5vd7mGTnI98ugRbqnOPXwgVHjLxKkEASQyjzrgOjZzCRuW1Pshhg3+3K7GuHCLAcjIG3f9yGpg=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:54 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.163106,VS0,VE0
etag
"fb1f0beee9fcbe2ba80b90fb585a8044"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
54
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12571
explore-more.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
8HJGiqq64l.2Zd331zH.p3YHpekHKsFV
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
9K63489TFVXACHFK
age
129950
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8777
x-amz-id-2
ijvduKOnT42RYKsZa3X/jMxegqbPurYzhrV7sgjcS0WAWzORq3I32eqYQOUmxbw9VHp+UqOcvXw=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:25 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.185999,VS0,VE0
etag
"edf758b47d6a232675d6fc2d5521396c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
44160
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=20%3A28%3A14.125&id=1584&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1690662494126%7D&tim=20%3A28%3A14.126&id=3391&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690662494131%7D&tim=20%3A28%3A14.131&id=3575&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=20%3A28%3A14.149&id=5351&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A28%3A14.151&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=3387&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84011
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A28%3A14.151&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=9820&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84011
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A28%3A14.152&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3161&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84011
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A28%3A14.156&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-y-em-delta&llvl=2&id=4383&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84011
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A28%3A14.159&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7046&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84011
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
059ZEMN3RJ2RVDH8
age
26
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by
cache-lis1490045-LIS
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.185997,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
55
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
12
f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_570,w_760,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_570,w_760,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f879746a70583d6f77d1b458fff9f6f31be647429f96f27d9c62642d453fc618

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_570,w_760,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age
2176077
edge-cache-tag
461953597764467041444520499259236964687,404172241566223208021377545750819875407,29ecf9b93bbf306179626feeda1fab70
cache-tag
461953597764467041444520499259236964687,404172241566223208021377545750819875407,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
466
req-referer
https://thedailywobble.com/entertainment-new-and-improved/?utm_source=&utm_medium=&utm_campaign=a845c6ea-8951-42ca-b2f4-f1214d5175d4&cid=wj6v6f1okabr4k8qia0reu3o
content-length
124260
x-request-id
0735ff6e66ea43ba808f3be83e26b632
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100024-IAD, cache-iad-kcgs7200134-IAD, cache-sna10730-LGB, cache-iad-kjyo7100033-IAD, cache-lis1490045-LIS
last-modified
Sat, 10 Jun 2023 00:57:48 GMT
server
nginx
x-timer
S1690662494.220294,VS0,VE14
etag
"307efa7c9e6d995922bbead1dfe00d1d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 37, 1
f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22e086dfa5f95b6b57f03fe1510874b80bbf43952fa16e97c661ef65afd7cd39

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age
4055776
edge-cache-tag
461953597764467041444520499259236964687,512103743358072422513015710232849045550,29ecf9b93bbf306179626feeda1fab70
cache-tag
461953597764467041444520499259236964687,512103743358072422513015710232849045550,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
315
expiration
expiry-date="Wed, 21 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://conceptodefinicion.de/
content-length
114030
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100088-IAD, cache-lga21951-LGA, cache-iad-kjyo7100120-IAD, cache-lis1490045-LIS
last-modified
Sun, 21 May 2023 12:33:18 GMT
server
nginx
x-timer
S1690662494.220304,VS0,VE1
etag
"1a75af4013cd7e2d842f6d6a6513081b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 39, 1
5462NYGEPMI6XCNEW6XCFKQZHY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/5462NYGEPMI6XCNEW6XCFKQZHY.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d0f3d7754e1bf4449ded1ebfc66565b5f6a315ab23ab58b77d5a2e93f044217b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
92
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/5462NYGEPMI6XCNEW6XCFKQZHY.jpg
age
981724
edge-cache-tag
519209865531776270636015712600000366918,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
519209865531776270636015712600000366918,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
950
expiration
expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://tvshowsace.com/
content-length
50020
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200094-IAD, cache-iad-kjyo7100084-IAD, cache-sna10726-LGB, cache-iad-kcgs7200167-IAD, cache-lis1490045-LIS
last-modified
Wed, 05 Jul 2023 17:47:42 GMT
server
nginx
x-timer
S1690662494.287542,VS0,VE92
etag
"21aa2f8ef8e4957aeafe6352c1305552"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 113, 0
c4fdfbe9fe2755ec0b70d609b7107ad3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4fdfbe9fe2755ec0b70d609b7107ad3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9861eb034ef45f9f5cab43f085a41b48d9914860983209d1146c9ef7f8ee9220

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
94
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4fdfbe9fe2755ec0b70d609b7107ad3.jpg
age
568579
edge-cache-tag
445967995282226405907556987996838831145,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
445967995282226405907556987996838831145,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
117
content-length
8970
x-request-id
a085d4c38b314ab5e2653de161fc4935
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200134-IAD, cache-iad-kjyo7100145-IAD, cache-chi-kigq8000021-CHI, cache-iad-kjyo7100140-IAD, cache-lis1490045-LIS
last-modified
Thu, 29 Jun 2023 21:27:23 GMT
server
nginx
x-timer
S1690662494.309848,VS0,VE94
etag
"d89dbad6c3c402f9bcf8af878007e096"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 30, 0
1348830933__r9rWG5hy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1348830933__r9rWG5hy.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
06eda23d73af6a281c07f5f8da4665297a1d339e0ea7a79928ea0b2381e1e3b6

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1348830933__r9rWG5hy.jpg
age
483131
edge-cache-tag
611858960620029445510705160531468931155,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
611858960620029445510705160531468931155,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
250
expiration
expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gulte.com/
content-length
26870
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100087-IAD, cache-iad-kiad7000025-IAD, cache-lga21962-LGA, cache-iad-kiad7000112-IAD, cache-lis1490045-LIS
last-modified
Wed, 05 Jul 2023 15:07:25 GMT
server
nginx
x-timer
S1690662494.363110,VS0,VE1
etag
"6d739ef6af5df0009c5584a00f00b1b6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
94d46af3c04ce81136e598d0ec794ab7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d46af3c04ce81136e598d0ec794ab7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c40f4202b123681dc33040e0be4ac0a4a2f1b00c830270756b5a5b837fee6cac

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/94d46af3c04ce81136e598d0ec794ab7.jpg
age
2191672
edge-cache-tag
331972698464505008723261319863681396859,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
331972698464505008723261319863681396859,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
173
expiration
expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.bangkokpost.com/
content-length
33440
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kjyo7100176-IAD, cache-iad-kiad7000037-IAD, cache-sna10746-LGB, cache-iad-kjyo7100028-IAD, cache-lis1490045-LIS
last-modified
Mon, 12 Jun 2023 21:17:56 GMT
server
nginx
x-timer
S1690662494.412235,VS0,VE1
etag
"f8941668c0a4e39b344093c680d14d9a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 320, 1
5021654a11149898dd1abae801dd5a78.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5021654a11149898dd1abae801dd5a78.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2302f9f18f9519c66d0372bc2474ac255fad28b087c578ccf6d0f653b2149e61

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
114
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5021654a11149898dd1abae801dd5a78.jpg
age
2527232
edge-cache-tag
342549545182752002680660558842806155460,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
342549545182752002680660558842806155460,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time
145
expiration
expiry-date="Sat, 15 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.huffpost.com/entry/eric-trump-indictment-rant-newsmax_n_648ab96ee4b06725aee49903
content-length
11624
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000021-IAD, cache-iad-kjyo7100092-IAD, cache-chi-kigq8000160-CHI, cache-iad-kjyo7100101-IAD, cache-lis1490045-LIS
last-modified
Wed, 14 Jun 2023 12:58:31 GMT
server
nginx
x-timer
S1690662494.429582,VS0,VE114
etag
"8a0c5c75c08a6e1dfe3892982b8b0e5e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 559, 0
f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1fa0616a1df4a0404c8640f675de1f19aefdb9be8fd52a889683cc9f7d888318

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age
2366027
edge-cache-tag
461953597764467041444520499259236964687,304054793718910432623321288043234533042,29ecf9b93bbf306179626feeda1fab70
cache-tag
461953597764467041444520499259236964687,304054793718910432623321288043234533042,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
374
expiration
expiry-date="Mon, 17 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
132760
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000135-IAD, cache-iad-kiad7000062-IAD, cache-lax10639-LGB, cache-iad-kiad7000068-IAD, cache-lis1490045-LIS
last-modified
Fri, 16 Jun 2023 13:13:41 GMT
server
nginx
x-timer
S1690662494.450721,VS0,VE1
etag
"fd12b02fda1e3bbd941e2da7d9e2b920"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 1070, 1
1348830933__r9rWG5hy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1348830933__r9rWG5hy.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
cf32a0b22742f77f0abb7f5700289413dcf6de02ce36f38c7f10a5f4110cdf48

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
204
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1348830933__r9rWG5hy.jpg
age
0
edge-cache-tag
611858960620029445510705160531468931155,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag
611858960620029445510705160531468931155,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS
expiration
expiry-date="Mon, 21 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
fastly-restarts
1
content-length
53496
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kiad7000072-IAD, cache-iad-kiad7000072-IAD, cache-lis1490045-LIS
last-modified
Fri, 21 Jul 2023 04:59:23 GMT
server
cloudinary
x-timer
S1690662494.462049,VS0,VE204
etag
"14df7286dd946da024a3a484b586d8df"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
5462NYGEPMI6XCNEW6XCFKQZHY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/5462NYGEPMI6XCNEW6XCFKQZHY.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3c2fd3338f40d87ff3958f3658ae46766a81eaf3f5831537868a7c8e8ca70e4

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
90
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/5462NYGEPMI6XCNEW6XCFKQZHY.jpg
age
1479042
edge-cache-tag
519209865531776270636015712600000366918,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
519209865531776270636015712600000366918,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
482
expiration
expiry-date="Sat, 05 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://apnews.com/
content-length
44144
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200111-IAD, cache-iad-kiad7000037-IAD, cache-chi-kigq8000104-CHI, cache-iad-kiad7000157-IAD, cache-lis1490045-LIS
last-modified
Wed, 05 Jul 2023 11:16:12 GMT
server
nginx
x-timer
S1690662495.511874,VS0,VE90
etag
"b11aceab5d26d2e1d2c8949508f9dbe9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 14, 0
c4fdfbe9fe2755ec0b70d609b7107ad3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4fdfbe9fe2755ec0b70d609b7107ad3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d4ee5589a97dff6c4f94d8ece14b927c3368f973c4904acd293cb3124fccb9ae

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
555
date
Sat, 29 Jul 2023 20:28:15 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c4fdfbe9fe2755ec0b70d609b7107ad3.jpg
age
0
edge-cache-tag
445967995282226405907556987996838831145,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag
445967995282226405907556987996838831145,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS
fastly-restarts
1
content-length
13220
x-request-id
2605e16709ec6b3905aab0da798b8b52
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kiad7000052-IAD, cache-iad-kiad7000052-IAD, cache-lis1490045-LIS
last-modified
Thu, 29 Jun 2023 21:27:23 GMT
server
cloudinary
x-timer
S1690662495.614196,VS0,VE555
etag
"ed101f84f716f3f2f6b49b303e7da656"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-52.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:17:16 GMT
via
1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
jAo8sXrtBSml4Fa3LMBo7_seh6mBaWYnFkJthfh_vPMfOvQh14w6LA==
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=8550&cid=amp-agW4eEHknI5vl4jbuKtc1g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&dr=&dt=%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E5%B0%87%E6%8E%A1%E8%A8%98%E5%90%8D%E5%88%B6%E3%80%80%E9%81%BA%E5%A4%B1%E4%B8%8D%E7%94%A8%E5%86%8D%E8%87%AA%E8%AA%8D%E5%80%92%E6%A5%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1690662494&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-agW4eEHknI5vl4jbuKtc1g&aip=1&sid=1690662494&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1461%7D%22%2C%22eventTime%22%3A1690662494292%7D&tim=20%3A28%3A14.292&id=6562&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=20%3A28%3A14.306&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1510&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84114
next-up-widget.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
tFoMTmjAQiY.AGgc7QD0X8.vm7LrdX6O
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
W9A7RD31QPEKMCZY
age
129939
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
WeBBsHLfxNpDEcmUcmB7+mFWhQ5q8Z7zY9D25QPYBbeTuXzfka5+jh5ekZtbublaLDszpfSAXFk=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:35 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.332565,VS0,VE0
etag
"0e2e4a56e106f372a41c750ae738705f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
28
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15074
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B458 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
eeeb1b748dff92e0111bdb9a7753df82f4895c0f794b05f38798fb1e59a68766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32917
x-xss-protection
0
server
cafe
etag
5527067540846027245
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:14 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5E22 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4c91faa70440659b95d1141959a87f0298fbd6239057f57b03910c7a395dd9eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32918
x-xss-protection
0
server
cafe
etag
12414590751152876546
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:14 GMT
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 29 Jul 2023 20:28:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 29 Jul 2023 20:28:14 GMT
spa-detector.20230727-9-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230727-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
X8QqOe1snJKPaIDOeaMSNYiMxJgtu0Qu
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:14 GMT
x-amz-request-id
ZXM8KW3PRJZXQBSG
age
129932
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
809
x-amz-id-2
oTB80Ftn1d0Vew8UrxnuqMhvPrCHAQcO+X7YnDC752qQlOSvFS10ck9HQeRpNg3FweQv57aN0hc=
x-served-by
cache-lis1490045-LIS
last-modified
Fri, 28 Jul 2023 08:22:42 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690662494.357137,VS0,VE0
etag
"3e9c41a418b54e4c6ddf043af9a9362b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
27
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
45289
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=20%3A28%3A14.331&id=829&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1690662494332%7D&tim=20%3A28%3A14.332&id=4625&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=20%3A28%3A14.333&id=879&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1690662494335%7D&tim=20%3A28%3A14.335&id=5948&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 723E 		714 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials
true
age
124
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7ee81b6dbb8b03b2-LIS
content-encoding
br
content-type
text/html
date
Sat, 29 Jul 2023 20:28:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLtOLbW8uKqc2oguVGxq3%2Bwe8i7DZulW43VM3WeBTt9uec%2FiBlRuY4FR%2BDnEFwWxDgwEUHUC0dRGf0p%2FSzJkTe6rncLfWoV9VEccEjQ2LxrKf7v0KH07fvSW%2Bu5vXvNVEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9AB0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Jul 2023 20:28:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 29 Jul 2023 20:28:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 20:28:14 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3810 		714 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials
true
age
124
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7ee81b6dcb9303b2-LIS
content-encoding
br
content-type
text/html
date
Sat, 29 Jul 2023 20:28:14 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3t8rWiWKWgFjurKoMQr4pfAnRuikvRg2WdYawzMMuDTuTbH0m9IGnndtUdYm4XTaVi7l3hthXkprVibauAk1heGy0U%2BcC%2FyGAtrvLxYMpNeBHxucTqmGTik98QpJ9zZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B3B1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Jul 2023 20:28:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 29 Jul 2023 20:28:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E5%B0%87%E6%8E%A1%E8%A8%98%E5%90%8D%E5%88%B6%E3%80%80%E9%81%BA%E5%A4%B1%E4%B8%8D%E7%94%A8%E5%86%8D%E8%87%AA%E8%AA%8D%E5%80%92%E6%A5%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-agW4eEHknI5vl4jbuKtc1g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6293205245712556&gjid=0.05689814305373808&_r=1&a=8550&z=0.2187853565151332&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
im-uid.js
dmp.im-apps.net/sdk/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Sat, 29 Jul 2023 20:28:14 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&lti=deflated&ri=84657a4b88163c2c396559f4156e7244&sd=v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&pi=/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&wi=-8541759245857858711&pt=text&vi=1690662493521&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=20%3A28%3A14.375&id=6344&llvl=2&cv=20230727-9-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c3e5aa1b802f28e02cc30d7af3a93b0486acd6d760a0f37b9d6d8062d8fc78e2

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age
2402764
edge-cache-tag
461953597764467041444520499259236964687,581390042539224802985120490848274723897,29ecf9b93bbf306179626feeda1fab70
cache-tag
461953597764467041444520499259236964687,581390042539224802985120490848274723897,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
122
expiration
expiry-date="Sat, 22 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.douban.com/note/698211938/?_i=8434717MZwQOQ5
content-length
7108
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000088-IAD, cache-iad-kcgs7200091-IAD, cache-chi-klot8100157-CHI, cache-iad-kiad7000121-IAD, cache-lis1490045-LIS
last-modified
Wed, 21 Jun 2023 15:07:12 GMT
server
nginx
x-timer
S1690662495.614521,VS0,VE1
etag
"40b48c634dc33005d159eef6575c5bb5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 502, 1
1348830933__r9rWG5hy.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1348830933__r9rWG5hy.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
426464c2334334cbbabcfa4f07137c7aefa6264e2ae68528e9a1e346d5f14067

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1348830933__r9rWG5hy.jpg
age
2209058
edge-cache-tag
611858960620029445510705160531468931155,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
611858960620029445510705160531468931155,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
486
req-referer
https://mgronline.com/
content-length
5112
x-request-id
bb1a3ee60eb6f7b5fb064ee0fe55b215
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100173-IAD, cache-iad-kcgs7200026-IAD, cache-sna10728-LGB, cache-iad-kjyo7100110-IAD, cache-lis1490045-LIS
last-modified
Thu, 08 Jun 2023 17:42:12 GMT
server
nginx
x-timer
S1690662495.614498,VS0,VE1
etag
"516f2411c46e553ef77adddd0b8169e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 94, 1
5462NYGEPMI6XCNEW6XCFKQZHY.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/5462NYGEPMI6XCNEW6XCFKQZHY.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12c891a24b58fed07f1273f81563003d72560e5373a75681759182c474517d0f

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
181
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//arc-anglerfish-washpost-prod-washpost.s3.amazonaws.com/public/5462NYGEPMI6XCNEW6XCFKQZHY.jpg
age
564655
edge-cache-tag
519209865531776270636015712600000366918,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
519209865531776270636015712600000366918,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time
4786
req-referer
https://nghethanhca.com/
content-length
12476
x-request-id
642b1eec760cd4ac1b701672ebb1be59
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kiad7000105-IAD, cache-iad-kcgs7200128-IAD, cache-lax10635-LGB, cache-iad-kcgs7200118-IAD, cache-lis1490045-LIS
last-modified
Mon, 03 Jul 2023 19:09:39 GMT
server
nginx
x-timer
S1690662495.614485,VS0,VE181
etag
"4bde1c30b30cc1f97f818f99b967258e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3810 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
2720161e5d2e0d31c75451adf76cf9c533c2db7e130dd9d2b0565feda0f96828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27654
x-xss-protection
0
server
cafe
etag
417 / 19567 / 31076566 / config-hash: 5693953215715342715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 723E 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6ddbb71ac5e7ebafb5abfa20ebb2bfa3a987971835a10112cabd7d54f45c2c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27633
x-xss-protection
0
server
cafe
etag
493 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:14 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EEA2 		603 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-491935379740991621&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2955&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=4541008550&ga_cid=amp-agW4eEHknI5vl4jbuKtc1g&ga_hid=8550&dt=1690662493905&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&bdt=1073&dtd=2&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:15 GMT
expires
Sat, 29 Jul 2023 20:28:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
get
audiencedata.im-apps.net/imuid/ 		10 B
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H6HNCR7MX26M6QH6VXXN23MT
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
193.96.120.34.bc.googleusercontent.com
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Sat, 29 Jul 2023 20:28:14 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
st
imprammp.taboola.com/ Frame 9BEB 		422 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690662494584&uv=3308&tms=1690662494584&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD!ul3310_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2a8f45b-1ed0-40d3-b16a-a8474b39c2e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fe5cd899825d3c11ef63d2c9e2ce6aa1d84b13370d14ebf28225492c62ed43b1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sat, 29 Jul 2023 20:28:14 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lis1490045-LIS
x-timer
S1690662495.631524,VS0,VE41
sync
am-match.taboola.com/ Frame 875A 		439 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6b6ea3431c92182abf69cd7d5ae0fcc5463a22a48d89e39514eba875749dbdbc

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 29 Jul 2023 20:28:14 GMT
machineid
3407
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690662494612&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1536&pt=-529745949&tz=0&viewable=true&ddast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD!ul3310_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5770d0ab0f132c17e357c960ca4e6e0c48ea1cdb4136c2b032c84d99cffa40ef

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1304
x-cache
MISS
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1690662495.687943,VS0,VE580
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&cmcv=&pix=31589837&cb=1690662494583&uv=3308&tms=1690662494583&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD!ul3310_vB&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690662491506.7!ts:1690662494583&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-length
0
server
nginx
sync.html
sync.logly.co.jp/sync/ Frame D4D9 		495 B
665 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.logly.co.jp/sync/sync.html
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2592000
content-length
495
content-type
text/html
date
Sat, 29 Jul 2023 20:28:16 GMT
etag
"64c22ce0-1ef"
last-modified
Thu, 27 Jul 2023 08:37:52 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame CD65
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 29 Jul 2023 20:28:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 29 Jul 2023 20:28:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server
AkamaiGHost
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/ Frame 3810 		387 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 13:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
24245
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125612
x-xss-protection
0
server
cafe
etag
13662757064411976442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Jul 2024 13:44:09 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 9BEB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
0
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690662494584&uv=3308&tms=1690662494584&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD!ul3310_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2a8f45b-1ed0-40d3-b16a-a8474b39c2e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
109
date
Sat, 29 Jul 2023 20:28:15 GMT
via
1.1 varnish
x-served-by
cache-lis1490045-LIS
server
nginx
x-timer
S1690662495.250571,VS0,VE109
x-fastly-to-nlb-rtt
111183
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 9BEB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l5L45jlE2oQfoXrbq5UAyuPbLSeF.bfxjCy1Iw--~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l5L45jlE2oQfoXrbq5UAyuPbLSeF.bfxjCy1Iw--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690662494584&uv=3308&tms=1690662494584&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD!ul3310_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2a8f45b-1ed0-40d3-b16a-a8474b39c2e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38660

Redirect headers

date
Sat, 29 Jul 2023 20:28:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l5L45jlE2oQfoXrbq5UAyuPbLSeF.bfxjCy1Iw--~A
content-length
0
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 9BEB
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=0dc529a4-adc5-407c-9e86-900c65fed442&ssp=taboola&gdpr=0&us_privacy=1---
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&cmcv=&pix=undefined&cb=1690662494584&uv=3308&tms=1690662494584&abt=lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vD!ul3310_vB&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=d2a8f45b-1ed0-40d3-b16a-a8474b39c2e2&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41392

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
date
Sat, 29 Jul 2023 20:28:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame 723E 		386 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
558
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125535
x-xss-protection
0
server
cafe
etag
10403599952857238940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Jul 2024 20:18:56 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame B458 		363 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4c08aed45b6d50840298de3ecde4f178161e5d27d3519ee9a074458db0d1f3ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127291
x-xss-protection
0
server
cafe
etag
6108688157266077649
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:14 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame 5E22 		363 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
6b58feb38239b5401f1a51db3c0229ac8890f933ca12a2d3f5b7b6a1ba9a85a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127278
x-xss-protection
0
server
cafe
etag
13150802376573000623
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:14 GMT
pixel;r=1004834565;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33b...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1004834565;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1377713212-1690662494228;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1690662494851;tzo=0;ogl=;ses=a87d5cd4-9af5-4c22-abc4-ecbd31469f3a;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.166 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-252.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EveW91LXlvdS1saWFuLW1pbmctcWlhLWppYW5nLWNhaS1qaS1taW5nLXpoaS15aS1zaGktYnUteW9uZy16YWktemktcmVuLWRhby1tZWkuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveW91LXlvdS1saWFuLW1pbmctcWlhLWppYW5nLWNhaS1qaS1taW5nLXpoaS15aS1zaGktYnUteW9uZy16YWktemktcmVuLWRhby1tZWkuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-65.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
PT
date
Sat, 29 Jul 2023 20:28:15 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=31, origin; dur=89, ak_p; desc="469628_34654781_537148125_11966_1731_45_0_219";dur=1
content-length
555
expires
Sat, 29 Jul 2023 21:28:15 GMT
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 875A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
109
date
Sat, 29 Jul 2023 20:28:15 GMT
via
1.1 varnish
x-served-by
cache-lis1490045-LIS
server
nginx
x-timer
S1690662495.250563,VS0,VE109
x-fastly-to-nlb-rtt
107698
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 875A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd?gdpr=0&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-52NgEqtE2oRAezkWGIWi00ox0ugT9tRTgG4QhQ--~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-52NgEqtE2oRAezkWGIWi00ox0ugT9tRTgG4QhQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38660

Redirect headers

date
Sat, 29 Jul 2023 20:28:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-52NgEqtE2oRAezkWGIWi00ox0ugT9tRTgG4QhQ--~A
content-length
0
/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 875A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
  • https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
  • https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-QMKIuG5E2uH87SLwNIeKsTJ8N_A9LSbQ~A&gdpr_in_effect=0
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-QMKIuG5E2uH87SLwNIeKsTJ8N_A9LSbQ~A&gdpr_in_effect=0
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
38667

Redirect headers

location
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-QMKIuG5E2uH87SLwNIeKsTJ8N_A9LSbQ~A&gdpr_in_effect=0
date
Sat, 29 Jul 2023 20:28:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame B3B1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 20:28:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Jul 2023 18:46:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80297
Connection
keep-alive
Content-Length
10114
Expires
Sun, 30 Jul 2023 18:46:31 GMT
usync.js
eus.rubiconproject.com/ Frame 9AB0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 20:28:14 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Jul 2023 18:46:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80297
Connection
keep-alive
Content-Length
10114
Expires
Sun, 30 Jul 2023 18:46:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3810 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1984459234597001&correlator=1576748085801177&eid=31076566&output=ldjh&gdfp_req=1&vrg=202307260102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690662495013&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=bb4usdpphf43&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=379517396.1690662495&ga_sid=1690662495&ga_hid=246401070&ga_fc=false&dlt=1690662494401&idt=561
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
795d055db93e8db11f35f8c20d60ffa7109e9c162c1eb4f7d5ced34d3aff4e11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3810 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307260102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
3890daf7d48a0e1db6064078f5fcac464194d2b8a84d386acdf93b4d84bb322b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11760
x-xss-protection
0
container.html
26a913cfa320d0f204fd1581ad0e5bf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B97 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://26a913cfa320d0f204fd1581ad0e5bf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:15 GMT
expires
Sun, 28 Jul 2024 20:28:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame CD65 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 20:28:15 GMT
Content-Encoding
gzip
Last-Modified
Sat, 29 Jul 2023 18:46:31 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=80296
Connection
keep-alive
Content-Length
10114
Expires
Sun, 30 Jul 2023 18:46:31 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 723E 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1853337233912651&correlator=4107357829476873&eid=31072020&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690662495049&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=5j1wjtmkwmeo&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=291743670.1690662495&ga_sid=1690662495&ga_hid=28362020&ga_fc=false&dlt=1690662494402&idt=590
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
744d7fd2eff83541a5bb71b6a8a7d78898279e1e4ad18d066a0aaead5f451583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 723E 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
68cde69b89dc60568795e7009e5e712873a1ccd7a2883b11d0beab7261bb8f08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11719
x-xss-protection
0
container.html
ab1d08d97462a9db334f967904413160.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1416 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ab1d08d97462a9db334f967904413160.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:16 GMT
expires
Sun, 28 Jul 2024 20:28:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 9AB0 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame B3B1 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie.js
partner.googleadservices.com/gampad/ Frame B458 		379 B
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
054e46e8e697376f028a8bcbeb426d6569965da575478f81fbffa9cdfc3d4bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame 45A6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169066...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-74.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
1634
content-length
459
content-type
text/html
date
Sat, 29 Jul 2023 20:01:03 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 343bfbd831f62ab698056c2ca0efaabc.cloudfront.net (CloudFront)
x-amz-cf-id
qlbSE66obguQs4Xi20An-JrkgEbCg8ozmG_pMOeZXFGgmFtkKymYrQ==
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:15 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B458 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
f36301af8d50584ad99a661ebc5e8f0a713472f64051735f04972c32cb0c9b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11719
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		241 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2f5cecd935167816a958b990c159685f19df5d42134d4edd46f15ba67b5a7f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84362
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 29 Jul 2023 20:28:15 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.145.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-145-252.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
khaos.jpg
token.rubiconproject.com/ Frame CD65 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookie.js
partner.googleadservices.com/gampad/ Frame 5E22 		379 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
02bf991484254138d067721b5df53637469c8b5023d0ba8fc49097b51f847316
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame A704
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169066...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
869 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.91.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-91-74.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
1634
content-length
459
content-type
text/html
date
Sat, 29 Jul 2023 20:01:03 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 343bfbd831f62ab698056c2ca0efaabc.cloudfront.net (CloudFront)
x-amz-cf-id
fT_-3Rc7qrJqmLu96Xegf6JP3Ai6UrC_Kbn3EGgx3o0QcvcgFHc4FA==
x-amz-cf-pop
CDG50-C1
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:15 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5E22 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
4250cad4df87001d8741c81b205806e7e6d450e4570e56711af3c1feb20addd1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11730
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3810 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 20:28:15 GMT
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=HK%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
125
date
Sat, 29 Jul 2023 20:28:15 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
115015
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1690662495.250127,VS0,VE125
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 723E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 20:28:15 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B458 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 20:28:15 GMT
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_0_8/infra/ 		889 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1690189710
date
Sat, 29 Jul 2023 20:28:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
1EGY211EJA3NCCST
age
472646
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1690189711
x-amz-meta-mode
33188
content-length
150941
x-amz-id-2
SjAIXHO1D0oUntY2GbB7vyWiwzvUPCfIg3FSa4eZtpuPwnpbopplW16Rgw9n0Fnknx8J1oTrAfk=
x-served-by
cache-lis1490040-LIS
last-modified
Mon, 24 Jul 2023 09:08:32 GMT
server
AmazonS3-br
x-timer
S1690662498.495007,VS0,VE0
etag
"2653a0c8d7fe85b3a9f7075f29ed0624"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
107100
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_0_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1690189728
date
Sat, 29 Jul 2023 20:28:15 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
1EGXBHVBRZP6GW94
age
472643
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1690189728
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
KAWgGmTqU8XyRkDoqr1ZPXfsNiW5KRoJ1paTShJAcRNNrUT7taT3DKrwJlKLNjO2R0BvBP/gXco=
x-served-by
cache-lis1490045-LIS
last-modified
Mon, 24 Jul 2023 09:08:49 GMT
server
AmazonS3-br
x-timer
S1690662495.316544,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
130848
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
718 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sat, 29 Jul 2023 20:28:15 GMT
via
1.1 varnish
x-amz-request-id
4T9HD5F03CQKWW5F
age
306
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by
cache-lis1490045-LIS
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1690662495.328440,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
96
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
29
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5E22 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 20:28:15 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=8550&cid=882518502.1690662495&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690662495&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&dt=%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E5%B0%87%E6%8E%A1%E8%A8%98%E5%90%8D%E5%88%B6%E3%80%80%E9%81%BA%E5%A4%B1%E4%B8%8D%E7%94%A8%E5%86%8D%E8%87%AA%E8%AA%8D%E5%80%92%E6%A5%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
idsync
sync.aralego.com/ Frame B3B1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKOGSQDZ-3-ED2T
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOGSQDZ-3-ED2T
35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOGSQDZ-3-ED2T
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 29 Jul 2023 20:28:19 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOGSQDZ-3-ED2T
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
rubicon.gif
sync.logly.co.jp/rtb/ Frame CD65
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly&khaos=LKOGSQGA-W-IT7N
  • https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOGSQGA-W-IT7N
0
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOGSQGA-W-IT7N
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol
H2
Server
52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOGSQGA-W-IT7N
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 9AB0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ZN0gDFeaQ2i-f82XZeuVNA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZN0gDFeaQ2i-f82XZeuVNA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZN0gDFeaQ2i-f82XZeuVNA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 20:28:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DTFGNDP8K1QR57NTPW8C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ZN0gDFeaQ2i-f82XZeuVNA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9AB0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FIjw7A-cSJW5HEfBIJNcTQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FIjw7A-cSJW5HEfBIJNcTQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FIjw7A-cSJW5HEfBIJNcTQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 20:28:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TPJQHR301V63SAQWXPN2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FIjw7A-cSJW5HEfBIJNcTQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 9AB0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM2ZTY1M2VlODQ0MDExMTVlNDY0NjI4YWViODU4ZjFhN2VjYzUzOA
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM2ZTY1M2VlODQ0MDExMTVlNDY0NjI4YWViODU4ZjFhN2VjYzUzOA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjM2ZTY1M2VlODQ0MDExMTVlNDY0NjI4YWViODU4ZjFhN2VjYzUzOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9AB0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LKOGSQGA-W-IT7N&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LKOGSQGA-W-IT7N&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 20:28:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9AZX44X54V1SPP1424BP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LKOGSQGA-W-IT7N&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9AB0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtPR1NRR0EtVy1JVDdO
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBHi9IuSS9O_8zMvflfY-Eg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPR1NRR0EtVy1JVDdO&google_push=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPR1NRR0EtVy1JVDdO&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPR1NRR0EtVy1JVDdO&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
setuid
px.ads.linkedin.com/ Frame 9AB0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOGSQGA-W-IT7N
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOGSQGA-W-IT7N
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:15 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FF7059905D994DCB8FC32C0D4E2238F9 Ref B: LIS01EDGE0605 Ref C: 2023-07-29T20:28:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYBpgmCFH6jHcbQkQmoeA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOGSQGA-W-IT7N
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9AB0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJaWj9yQcxNUy-V5-725zGA&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJaWj9yQcxNUy-V5-725zGA&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJaWj9yQcxNUy-V5-725zGA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9AB0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E92A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
5055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 19:04:00 GMT
expires
Sun, 28 Jul 2024 19:04:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F89F 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
b437d1ea8c9296a76a0a849a07df4506bf624c3e0f3c70a14f03aa88f5fec89b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eJsd0lzdjBjzKDk_j2-rig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-eJsd0lzdjBjzKDk_j2-rig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:16 GMT
expires
Sat, 29 Jul 2023 20:28:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1FE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
5055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 19:04:00 GMT
expires
Sun, 28 Jul 2024 19:04:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 107D 		783 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
d4b6b3a570aaaee50d8c32037a81201e0743dd5784cb2210a5294bed22bf55ef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Pa528X-tVUS_u-QMGDhPZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Pa528X-tVUS_u-QMGDhPZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:16 GMT
expires
Sat, 29 Jul 2023 20:28:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5604 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
5055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 19:04:00 GMT
expires
Sun, 28 Jul 2024 19:04:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED25 		783 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
9cdc95083c5dd815740afe83dea84a27d82d2d69a56dda26d1330bfc525f7086
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-125SitjffzbktHxCW5hiKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-125SitjffzbktHxCW5hiKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:16 GMT
expires
Sat, 29 Jul 2023 20:28:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C8F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
5055
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 19:04:00 GMT
expires
Sun, 28 Jul 2024 19:04:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2766 		783 B
740 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
b673b0fa1f8bc3b2b034f13fa12aafb26e144ac9dcf166968b105c2fddb15f99
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qgcrRtks2VqmoD9MNnDLRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qgcrRtks2VqmoD9MNnDLRQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:16 GMT
expires
Sat, 29 Jul 2023 20:28:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
pagead2.googlesyndication.com/bg/ Frame E92A 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 15:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
17935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 15:29:20 GMT
g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
pagead2.googlesyndication.com/bg/ Frame B1FE 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 15:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
17935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 15:29:20 GMT
g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
pagead2.googlesyndication.com/bg/ Frame 5604 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 15:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
17935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 15:29:20 GMT
g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
pagead2.googlesyndication.com/bg/ Frame 6C8F 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 15:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
17935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 15:29:20 GMT
generate_204
tpc.googlesyndication.com/ Frame E92A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RHzJug
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame B1FE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?T9bisw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 5604 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SAh83g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6C8F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4Z0gZw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 45AE
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMV2YcCo8YMAANUkDiMAAAAA
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMV2YcCo8YMAANUkDiMAAAAA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41789

Redirect headers

X-SO-Cluster-ID
0
Date
Sat, 29 Jul 2023 20:28:17 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZMV2YcCo8YMAANUkDiMAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40140"}
X-SO-Key
ZMV2YcCo8YMAANUkDiMAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40140
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMV2YcCo8YMAANUkDiMAAAAA
Cache-Control
private
X-SO-HostName
a-ad40140.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
0
X-SO-LB-Hostname
m-tgng31.dc4p.scaleout.jp
X-SO-IP
91.205.230.195
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 45AE
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=e7b19e4558b141d8a2...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=e7b19e4558b141d8a2c33506ad0490e0
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=e7b19e4558b141d8a2c33506ad0490e0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
39858

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=e7b19e4558b141d8a2c33506ad0490e0
date
Sat, 29 Jul 2023 20:28:19 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 45AE 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:17 GMT
content-length
0
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 45AE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOGSQGA-W-IT7N
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOGSQGA-W-IT7N
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
43370

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOGSQGA-W-IT7N
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 45AE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-SvDXr59E2oRtTN0CK2T4h8MDjNM9nIejv_PgUg--~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-SvDXr59E2oRtTN0CK2T4h8MDjNM9nIejv_PgUg--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
43370

Redirect headers

date
Sat, 29 Jul 2023 20:28:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-SvDXr59E2oRtTN0CK2T4h8MDjNM9nIejv_PgUg--~A
content-length
0
taboola
trace.mediago.io/ju/cs/ Frame 45AE 		0
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 45AE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJHNGQq5-8M7KOdSWDjuDTc&google_cver=1
0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJHNGQq5-8M7KOdSWDjuDTc&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
109
date
Sat, 29 Jul 2023 20:28:16 GMT
via
1.1 varnish
x-served-by
cache-lis1490045-LIS
server
nginx
x-timer
S1690662497.510506,VS0,VE109
x-fastly-to-nlb-rtt
107696
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEJHNGQq5-8M7KOdSWDjuDTc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 45AE 		42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd:$UID
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 45AE
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
date
Sat, 29 Jul 2023 20:28:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
44048
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 45AE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
109
date
Sat, 29 Jul 2023 20:28:16 GMT
via
1.1 varnish
x-served-by
cache-lis1490045-LIS
server
nginx
x-timer
S1690662496.287920,VS0,VE109
x-fastly-to-nlb-rtt
108033
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=fcde6ae8-8588-4830-a265-ccc13a104767
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 45AE
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&us_privacy=&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
43 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 20:28:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 29 Jul 2023 20:28:19 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 45AE 		49 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
pt-PT
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-848647674d-rqbhh
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 45AE 		43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 45AE
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7ffabb06-d983-4a97-a752-e871b6e8cf36
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7ffabb06-d983-4a97-a752-e871b6e8cf36
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41048

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:17 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=7ffabb06-d983-4a97-a752-e871b6e8cf36
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1261946
content-length
0
expires
Sat, 29 Jul 2023 00:00:00 GMT
9.gif
id5-sync.com/s/464/ Frame 45AE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/464/9.gif?puid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533571.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 29 Jul 2023 20:28:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
sync
x.bidswitch.net/ Frame 45AE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
35.156.62.67 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-62-67.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=taboola&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0
date
Sat, 29 Jul 2023 20:28:18 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 45AE
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=fad5c2eb-8327-428c-bcef-9e7602da2817
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=fad5c2eb-8327-428c-bcef-9e7602da2817&tbid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&query=taboola_hm%3Dfad5c2eb-8327-...
0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=fad5c2eb-8327-428c-bcef-9e7602da2817&tbid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&query=taboola_hm%3Dfad5c2eb-8327-428c-bcef-9e7602da2817&isDirect=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits
0
date
Sat, 29 Jul 2023 20:28:17 GMT
via
1.1 varnish
server
nginx
x-timer
S1690662497.305321,VS0,VE246
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-lis1490045-LIS

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=fad5c2eb-8327-428c-bcef-9e7602da2817&tbid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&query=taboola_hm%3Dfad5c2eb-8327-428c-bcef-9e7602da2817&isDirect=0
date
Sat, 29 Jul 2023 20:28:17 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
42250
sd
u.openx.net/w/1.0/ Frame 45AE
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent=
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:18 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&gdpr=0&gdpr_consent=
date
Sat, 29 Jul 2023 20:28:18 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
xuid
eb2.3lift.com/ Frame 45AE
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 29 Jul 2023 20:28:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date
Sat, 29 Jul 2023 20:28:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 45AE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40742

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
Date
Sat, 29 Jul 2023 20:28:18 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
sync
t.adx.opera.com/ Frame 45AE 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , South Africa, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:18 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 45AE
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=76073804-beb2-08c1-0de8-5240c144bcff
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=76073804-beb2-08c1-0de8-5240c144bcff
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40742

Redirect headers

date
Sat, 29 Jul 2023 20:28:18 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=76073804-beb2-08c1-0de8-5240c144bcff
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:16 GMT
x-amz-request-id
2QTT4DE5AQFM88XF
age
2346
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by
cache-lis1490045-LIS
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1690662496.168217,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
58
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3810
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
488 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:16 GMT
x-amz-request-id
G0B8B06BNHR34ZN2
age
21046
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
hmZamERHDmM7HPGheDgTxfCBlpKmrNgKchCV6gu3wwlGqanZsZGHuPiLEz/LgMvPa3DA8G+4Cxo=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1690662496.168213,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
41
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
24148
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Sat, 29 Jul 2023 20:28:16 GMT
x-amz-request-id
J5K710VF90255GNC
age
23716
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
DH/pchBgnxSXENNBa2oaAs0ZM/x/Bpa5vBCgyzpf4YXE9oXnMromC9TPSgWfIZ6toSs0ZNd4M8Y=
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1690662496.168219,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
43
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
23455
/
pips.taboola.com/ 		4 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-lis1490047-LIS
date
Sat, 29 Jul 2023 20:28:16 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 29 Jul 2023 20:28:20 GMT
cache-control
no-store
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 3810 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307260102&jk=1984459234597001&bg=!pKelp_PNAAZGOVy5Zjk7ADkAdvg8WjEV_jjtvHptdgJGDa9GftIK9QN-rJvVnh6kfO72nb4djlbdUf1KdMftIP8QpnRieRdPQacCAAAAyVIAAAAIaAEHmQLCLlqj7ExDtCiXapqM7yCjLBQYRIB7Ziy_val2WRzqoY9LOKTJ2AwZXFZxfdqMHK-lkHkxakcaEMRlKyZ3EWEseBA4f0AbiGdPaB2B5GsMJRZlStPeBVqQMs55Ss0zaS-mo9f6SBNSuTSfkDFPoYywFwBNaK3m8URBL-4lrBPXJM0LPlUXNkpQMebEAcr_6eRm63uOXjeVxP4C1fdj-_Po9QdWNYRTLV1Lb1XGF8iiLrtR0mnuj9sG00xXcQ5Dz2lrkyOd5iwDUJVrDH8SOkCMHTwyrGvemGTmWIQF1SlPz88y_n6htP9xRypbuCVQXOJHq64SOraoBdVh9u9Uxjc6abcFdNF_mCl5LpDdgHOoloroo7L2oAGFCzfsxLPG3z2pDMgLKfzlF3pA3k4LTtuPkBvexFTs60xlh6avZiXiwS1mIE1IG-zuK4PTMZ1oYk-LIH0E_fFPuJWistv0sJ4EyXph2weVOrfnOKWHnRFf-1CnCEQ9AsFDrFLMoZ64Of1TSD707nrFNe5lrNPr9UUexaBei1a2TmrsyUBkd5ajayT4PVFIivD7wlEA2ljR61ZqmXH9KTPTpNkvXPP2s8TvUqrBRYqEVgTtrGNOey3ta5jz3zgyBE3Vwu1fpa_UvLQWjyjhqvvy4UF_f5OhXQhHFQ7m4qwti5hpa93RqcjPMsvfG11U5tTdP_QTmwx4hAlAvggha7PhchBL2mprzQo_xgVZ_rCL168DIzVwZ35o0Ho3u8mWXgFmYB3EGGpnOLNWaj9TGYzw1aETbk4vzYBoVAdIkTOh9zNW0q4NiL-eu_dYm-Xn9UrpYpjG4BwEp7Mgi8j_0w5BCNIqi712tgCCFVHP3i4dD0Ya3BTxQcupHT6HyNqFe3grWt4aqwP-aKtVE5vOiIxY4OAjC_Ra0vQ7E3wvTMrBeAmue6wiDskfhaV9AQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B458 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=3378564622677880&bg=!HxylHEjNAAZGOVy5Zjk7ADkAdvg8WrsJ_UcNqJ7t4Q1v7onBV8V-sW0VyE5MjuTkKlYrypeMPY7s-wV2CJPzJjVCu3-m_g97C2gCAAAAxFIAAAAGaAEHmQLGdY19G06dTC_cTLoJmXKUanWvSy34iLGCUOoILBfnYT_yhYCF1h6No4oogmM8T-X7KO25OlwpblWAttS4x5LW9D3YPgGoLzVNRRcRa7cAGy7Y6P9U8pJedTJtF7TTELUPnZ9TdSR8IGg0bOLuTkORnp35wOj9-7FeCKU47nQagqYq9k_5hLDlxY4Vh4R-fKJvToOZSPcDLHJtTfbzPb1mmstSu7hLhuBv8GyNj3Hn1hHFnZgQhZD_w8Q_VnzBG53usOcjaNyAFuqLuvuzPpwwQX8SsmejlSKi3OQx1852fk7E_8XiIhdszz3yX5F1xMIzdxY2L8LisPJ55RIzlbhyhsDBl7CXDxLQUJYcKSCUvPcetNJyrbk0yo0Nzz6KHSXqYSjLH-VBEGPR4gvpECpE2A_LeMnpkVqxxtLZLUZ85aT-RAKqIwsQFsIO2teceIIaYX0IK-jZqj0Su9nyBueTMM-NNpPL95BmlQ9ECuN-JUSUJWQMR559D_VIKi6JQeJqKJGaTOvrEwDmw_icEQ8wKB3yZ9GfaAAiuxpDKCWOvvOYNUJpKr6at8PY2bLRrbboYV05Kaq_9aubHvOL8nlin9m_Qy5rt-0B7bK5n-3pxXbVYcI3geNC9i7XjNQethnLI0yhrE0TVLHJxdBK2AiqFjAlerhVRXFThHAgMOtyD_nHnJZ46yWIXDPEsrfvkWEHNW4j_bub7vQmbZHdw4vEYxtSTXTrYo6hBTcTB7iyd7U6-tBsRtdYFNz9KyPTlT22C0PUxnV2sOW8FIxkORdk51YRv7ACrJKBaRO7xezowgMijQT4iKkMz5DrdIPjQ5pXqtjTjDZQufJ2oNCsROb9m4OKvBC5wKRDUdJpAjXcIUmQ5kWUbcPBni_Mv4yMwHyDwePlDwf4jTT5RHT9khJXyjapfYppiZo7c_umKSgc06V9cVtGGMc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 723E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=1853337233912651&bg=!kJOlk8fNAAZGOVy5Zjk7ADkAdvg8Wh0xtvUi0Nu80EKkZtopHKk0X8KqEajFMQeEJGmmENLaeBtWGAwBSKuHkjVa0KHeuqCkcf4CAAAAw1IAAAAHaAEHCgDCOIVfesSk20PGr2PKB0ngejv6KFUS6tjNbaLRmPFLczycQqYVVK3wxuFq5BfeWl3KzQb9W7bGmIZMuH-dvw704sYkHR34byGLKjitdpJ-7ZKvh_Eymiw_waZNI-QI9KH1YMhfbWkuzzAOgBLl6-NSjb_VdQbRJWFpzEn1KZOGdfVGTmkSv6vSpxZxkMA9eMvA8ZoGQYsGaJhtoMGM2oGBaI3tnqcgmuGuUPo7gvje1oCdZbAMUcivGEA1eUzezag12VuZAsIJOpV7cGSDIOgY9w0sz7MpQRGgiISTUhPQIfuqeYFdoqNz-_by7W3jwVr19NVgSFdAgr95arge8ZV1i-9m6PO2lVjCN_RG7T0ztHRbpueP2m0h-lhA8gWcNW8BbTkCR41BtEDEetLy3KNkgioH_Svv3ozURLbwsdcMWgt0LOELtNAw3nv61jQWQW5ks8LB41XmaSvIjCsm8nFtSlTvALtP3lMC1hWfhIvT17mdpJ_rvcZ30Ae-cXJD3Gbdt5l53XDDa8HeCIsjEMHOxw7tyuPnDjhSEJ51WHKfHVgdxNscBL2b3Qlqo6NejU7W4kpaJnQPoCFX5IyKRjCeMB-I7UEU6yzSECbsPVUaQ3SVCB44QioAyyK1aSbopLSgucAyf_eQx1EOcut9rXDatvaa1G8icJOQrvsuUcRw_xk6K-7QEWPAbz_rdHDnClMDcINtHAHBicu4otJM5fEBXJPFIFqAXZa-xB026EpKUmxZLh57kyBG3suouj2r2V5R13DHDjSY8GycSZbSDt1VPCuwvi-oaWp6uP5mkqjRHhIOIOaLMnuH75hRgMSkVto3_5_PEaafC6ErzAzzN1G0lFVusLJ6FUAVwfoDxNdPhD51j6K_TyjE_-tj8kQRTPfOuorES2S9MqnILLEAJJaMValIao4aRLV6wnjQjbaVFDKobCrmYDzg8gtkNzjNJZCc-HJLZYyNwhd7Zq3Agt_BLNVTfcYO5DBSHviwFWjeVwY3jU1KYkmRRRuEQ0xHVrPbydglCkPwWbrnSPDf_eEPfTNkKA1O0Lol9NGmm7SPJgsnZzWFE2rAa4ZCbg5e9DIhWpgCoEqIlgCqTrNLiiQQfV_ldIvkl7ZsIDYsx7jTYQkZM6ko8gWy61MZMrinYoBzH_4O0AL1I4pxUjUhkg6AUEMtsZbqP5F87kN0WoA-JS1Jtehx1NkA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5E22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=2561499019739910&bg=!sLOls-fNAAZGOVy5Zjk7ADkAdvg8Wh-5bTDW3UHFi8l2SlD_nPBbK1AxumdnOO82EnFe9orlF1W4XT-5tywrff-PrijRBBb4uKoCAAAAulIAAAAIaAEHCgDNYetjB0arLoPxiJi3-v0mIuE6MgwLqqYetHMI3HnXQLkr5VGlGdM1EQ8SSH0aYPLiyzSdNfATvUBu_g8Eiuznl2dEtdP1dG6dwOmsT0Le4rXqfNqawNS38eNwf5q2W2Xe_KqQJ2NDLnA8-7hOiW38hNVqmCb78wcFKbh5f9fiofUh_RswPNIss4qG52OUdotRmaSYowinKnULmX4DRxc6vJZZkDx0zdh2y8Cs0MnyvvrWh02vc1teS4bbtQ1qD4_gc_vkM9YHWCgRFnvTrJkCvESJitxGBaqtL2Ah-0WCGX0l1gEJEIUV6nJH5jg2Skl1uoXF7ZT4xXJTpGJxHhNzJ81YG90ytlur4bEr2gcULh8LFgub7wR3qx7fucFZzesA1Xp3Mgz8W98ntHbRDYxQhgPK6BSU4w64P2p0dCQdtCmvjHe5a4tYPsFice8JU-Gi93ukR5i_LvJTF5ot9sMnXeXhrdcCjv73Was0sZJtQJQvDjq4ShPQ0QhwNGHiUp8b9-Qo8fxkplHkUvxIsE_47xj9jvt-iIFOdUQZkmJQ_5qQNBNmbjKB8ilpAYcmOjwcRrXfgQ3VWjL7gq-CaqH-z78WR_B9q39DodnKMtL_cCxokrBVLMzudjzPmDwsmEwLy6DqSRQDI62yUpi0yYJY75pori_Vp0TLOHHyfT_4MiCTGXrXFH2yZymYFvQGvcIuKQnRplqdxNCDZYoC5dqa6NTt7nLtL43oQiLCRJphvq-_O4KF-eo-wMrICbAmCfuqRjfmuXFeTpmKLT2O-yDxeEm-thI3T8IQe5dp1Jd6SdLqRmanTwxFoXOvUkB9JUs9YMm25KCyrAxth81bjkDvusFl_UHztR3VxvbRUxxoM4yaImM-OgQpqvKJgX3ZPgq5U_1MQDIzdwWB1y_QC2htfInzYib4d5AGi0G4SaDuS5ijQ9roeWTI8xmC5NRvNSBQqrHl9NXRaYeaVjc0fpRspcT_s65_T_d1VWbm3lK6YB7n7alqepnYE-6XQazQtgGk8aQpBUl_Xbior5RV1POUTYFad3L5AIKPTJcdztGFJUTvVpkmFxefUcKWjfsnCKOW8Bq82UrYUxgKumd4ej9l6mHJuJmt9ZHUuEnpq2IeG0v_E_LR3vRV0AscfpSTgPMlaERcCFz50ABrRs8E1QmKBPnDun1c6kbIlGhtuMF28yP0PzuQ8oiK1gh5BAE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync.js
sync.logly.co.jp/sync/ Frame D4D9 		0
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.logly.co.jp/sync/sync.js
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://sync.logly.co.jp/sync/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:16 GMT
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
ysm_bg3.js
ad.sitemaji.com/ Frame 45A6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 19:02:54 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
5123
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Sun, 30 Jul 2023 19:02:54 GMT
ysm_bg3.js
ad.sitemaji.com/ Frame A704 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 19:02:54 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
5123
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Sun, 30 Jul 2023 19:02:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F89F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307260102&jk=1984459234597001&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame ED25 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=1853337233912651&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2766 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=2561499019739910&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 107D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=3378564622677880&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 45A6
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1082
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ue%2B6VSvxKs5a%2By1QquX5Bp61uxPkPdkbu7oAPH%2BFlg7GebvhjKyBsvY4aH3dHPs5CnLFV1XxmOZCPwapfmfysin5moOCKl%2B71f8plBrStoz71UsIg1awzmDgsFEekYmF3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee81b84586203b2-LIS

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame A704
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1083
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59x4t0A3%2FqpdoLAI4gtxfQp57rq4hTYlLl9t9qR0Mz9skNIHZxy1d6bqbOdrwhShlGviq96gu0NYO1TCqmnhHaiLu3oVhE92GD2woyfGFiys0wkLapa%2FY1QS6prSbGn5RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee81b84788303b2-LIS

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 45A6 		975 B
753 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
871
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSEeRzBvSozIC5QlFK8FTpMuwjJ4nMg0j4nmZZYAHHUsXBBetEhvUp3w5B%2B%2Bfcg%2F002Nom%2FXnG4RfgprbaShaV3vdErLiztVu7RhcJjWq%2B%2FEgypy1wjeNgyBVY3MjmT%2Fig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7ee81b856a6f03b2-LIS
ad_request
ads.aralego.com/ Frame 45A6 		661 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.49805392146612126&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
x-width
300
x-height
250
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.holmesmind.com
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-sspid
f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
x-adtype
html
connection
close
content-length
661
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame A704 		975 B
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
871
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZIdzEIhFKHOEt%2BUQEP42H7uysILR3X1wvdRWqWrZ%2FGPlIoaMujo16oGBUwWqLDL%2F327IC3qqlkfLsCCfgTKUVVyTq8PFqRaLjR4tYm9%2FRJEQfLMk7vx2m8xCkYI31YWLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7ee81b85ab1803b2-LIS
ad_request
ads.aralego.com/ Frame A704 		661 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.31603737664215004&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
x-width
300
x-height
250
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://adx.holmesmind.com
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-sspid
f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
x-adtype
html
connection
close
content-length
661
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C09C 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6186e8ee89cd8af48bfa175c4c301e586b4683d8d24768162478dfbe00fab148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27634
x-xss-protection
0
server
cafe
etag
2 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:18 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3E57 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8a22964b2ebdc11d24988421a5d2f93bd9347282a837c664c4515e0b3611b3d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27635
x-xss-protection
0
server
cafe
etag
941 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:18 GMT
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
via
1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
LIS50-C1
age
1502022
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-lis1490045-LIS
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1690662499.771471,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits
206829
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/ 		446 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1690439347
date
Sat, 29 Jul 2023 20:28:18 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A3N10TATEMVHA5QR
age
223070
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1690439362
x-amz-meta-mode
33188
content-length
85839
x-amz-id-2
YpLsidS2POsIKt23Ufq53o+kIa+03QWIhvzNyWX5RqYAx9tb3V1X7ZUuAJ8mMhdUUbsPS9EPyeA=
x-served-by
cache-lis1490045-LIS
last-modified
Thu, 27 Jul 2023 06:29:23 GMT
server
AmazonS3-br
x-timer
S1690662499.793430,VS0,VE0
etag
"b33cf048d4d632bd93b30c09e2201e4c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
74174
sync
am-match.taboola.com/ Frame 4B70 		508 B
593 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1e1cfc9ea007507336a48da366da275f8e35e341e544267e6082a12417afe29c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sat, 29 Jul 2023 20:28:18 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&cmcv=&pix=31579697&cb=1690662498775&uv=3308&tms=1690662498775&su=3&abt=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG!ul3310_vB&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:18 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sat, 29 Jul 2023 20:28:18 GMT
via
1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
LIS50-C1
age
1096659
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-lis1490045-LIS
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1690662499.837258,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits
344384
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame C09C 		386 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
562
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125535
x-xss-protection
0
server
cafe
etag
10403599952857238940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Jul 2024 20:18:56 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame 3E57 		386 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:18:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
562
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125535
x-xss-protection
0
server
cafe
etag
10403599952857238940
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Jul 2024 20:18:56 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		1 KB
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690662498868&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1536&pt=495135474&tz=0&viewable=true&ddast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG!ul3310_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ba3673609431c0870316b3662d1d1c33e7cf76395d8403d7d3e10bfeb8c55d6

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1308
x-cache
MISS
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1690662499.890768,VS0,VE573
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/ Frame 4B70
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola
  • https://sync.1rx.io/usersync2/rmpssp?sub=taboola&zcc=1&cb=1690662499095
  • https://ad.turn.com/r/cs?pid=45&rndcb=6741284012
  • https://sync.1rx.io/usersync/turn/2355267517082634137?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-6e5fd2fc-6824-4845-be29-f2e3f8c45d3d-003?redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Funrulyrtb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5BUSER-ID%5D
  • https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:20 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
39568

Redirect headers

location
https://sync.taboola.com/sg/unrulyrtb-network/1/rtb-h/?taboola_hm=[USER-ID]
date
Sat, 29 Jul 2023 20:28:20 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX6e5fd2fc68244845be29f2e3f8c45d3d003
content-type
text/html
rtb-h
sync.taboola.com/sg/rtbhouse-network/1/ Frame 4B70
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=taboola
  • https://creativecdn.com/cm-notify?pi=taboola&tc=1
  • https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=llV2ZmVhoA2yewaWt7Oj&pi=taboola&tc=1
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=llV2ZmVhoA2yewaWt7Oj&pi=taboola&tc=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
40029

Redirect headers

location
https://sync.taboola.com/sg/rtbhouse-network/1/rtb-h?taboola_hm=llV2ZmVhoA2yewaWt7Oj&pi=taboola&tc=1
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:19 GMT, Sat, 29 Jul 2023 20:28:19 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E5E9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.36.224.187 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-224-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=44522
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 29 Jul 2023 20:28:19 GMT
expires
Sun, 30 Jul 2023 08:50:21 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame C09C 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3826556028592078&correlator=1877698086292816&eid=31075591&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690662498964&lmt=1690662498&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=64sv8my3xj27&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=493599721.1690662499&ga_sid=1690662499&ga_hid=36933227&ga_fc=false&dlt=1690662498126&idt=829
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e9d2e472df016fd88041e028c9013f1da9c88ae1b53e15662cbadaff27f1575f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12018
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C09C 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a1e0104a48426dc0e5046b42b03fd47e86d9ba08e52cca42c730f0234420ec90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11855
x-xss-protection
0
container.html
8a90b2bd4764c30f3c7245686ebb31fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DADB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8a90b2bd4764c30f3c7245686ebb31fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:19 GMT
expires
Sun, 28 Jul 2024 20:28:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3E57 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4180726031202261&correlator=3433794787769150&eid=21065724%2C44769661&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690662499009&lmt=1690662499&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=codaodq3430j&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=109074656.1690662499&ga_sid=1690662499&ga_hid=1574068650&ga_fc=false&dlt=1690662498173&idt=826
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3d82042ad290dcced0c94b6634da2d1e0c51fad71a2952e5e97accb3256ffb53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12012
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3E57 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
772d8483dc798469eea18fd2f54c65b20f1ea04be605c7a88deddf020abe47bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11806
x-xss-protection
0
container.html
72c64af70e5eb37bb8d4e610b6a77eac.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 15C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://72c64af70e5eb37bb8d4e610b6a77eac.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:19 GMT
expires
Sun, 28 Jul 2024 20:28:19 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C09C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 20:28:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0D25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7c8YGH_Appj7wZDhRSg9rosWm1wXK-1HjfCIxzesK5jtT7oyPO_teOZHmryqqYAPYqnvVl6Ji1zhtvfuzosHOBIb5Gjej6kbRnDBN7e6StYJCLrf3CrUJBrty2tGpAwxkGDaK2mp0CczYvEYTHDuqoh396968GazsPfqsLlFUqWSSjh8Xf9OC2cfyT-TcXGQ8CQkLD2YEclG08Z4Dz4PrJlw8suG0Y3WHBK86UvXbucvnvp4C4w32WPEg98hXDmGX-ljvvMX2CnoGP-8bL03u-xIeHaGER3DNHrFufJGBsFb1K3nij5UHQYXGhArKhzqwwucVvSHDzkH9&sai=AMfl-YR8pT7qIYEtpgKsIRc5SgW6116CRv-Z4kaH5SA4d_XPoNz9n3MTAPDhHJs9NpbYOJHHAl4sSLEp_0nsPY6TH57Jtrv4Twkkcy5pig&sig=Cg0ArKJSzBT3iIpWZLbdEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 0D25 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 19:02:54 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
5125
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Sun, 30 Jul 2023 19:02:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D25 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:19 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3E57 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 29 Jul 2023 20:28:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4B83 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:23:49 GMT
expires
Sun, 28 Jul 2024 20:23:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7481 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
a17345f4abaec8554f4d73763a88c08376893754f5ec5feee5316affbc1152f6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ud2GhnqH7K6jM0naV_yrfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Ud2GhnqH7K6jM0naV_yrfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:19 GMT
expires
Sat, 29 Jul 2023 20:28:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 78F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvENFxUO0hIn8WQaYlptp8qavyyql6WtunsSVhwDFgfgePTaqBQhkJqRNIHoo-stiotrziRZSUh8KuGGfAagFqAJHJZH2Drw-1hNBBfeII-V3dBD2qgLn1RV2IjBUCYQqBpOt9Wm6RAesizAuxuooL0IdISoyPrOkrtgY9mH8y5uxr332Lw-XJH9TeNhyiNgGnoMGPJePy6SC1ZsVPNiHg7HI1H0MGHIA1OlCGh2vBOw7xVrZ3v4RbzQRwqdRxn2zYP_vCWbTnCjOa7oaxj9Akag-kH0204bBuBoX-Id1yY9rN974zxh-uPDq0TnhLgkwtIEIzXQnZ6ffCj&sai=AMfl-YSXOAzBmG1jlhiqWvQAxekJfETV1yRfMLNYsbsh0QnMY7gK6ca69CseennOMaTtCx_brObZNdavrI-luvMG0-sC-YU4Dc8iisRUyQ&sig=Cg0ArKJSzCzJaUvqpg5dEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 78F6 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 19:02:54 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
5125
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Sun, 30 Jul 2023 19:02:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 78F6 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57355
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1690371356542162"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Jul 2023 20:28:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1FBB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
age
270
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:23:49 GMT
expires
Sun, 28 Jul 2024 20:23:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 95A5 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f4.1e100.net
Software
GSE /
Resource Hash
e29d3608e200a6a41e61fe6456ddcb0244365f58b4ca23e5b42bb61b36f98f1c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dCtbvKKePK9B4C7OxvzJ8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-dCtbvKKePK9B4C7OxvzJ8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:19 GMT
expires
Sat, 29 Jul 2023 20:28:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 7481 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=3826556028592078&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
pagead2.googlesyndication.com/bg/ Frame 4B83 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 15:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
17939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 15:29:20 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 95A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=4180726031202261&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
pagead2.googlesyndication.com/bg/ Frame 1FBB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 15:29:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
17939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14577
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 13:39:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jul 2024 15:29:20 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E5E9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35537559&p=156307&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
031277f080ed721fc6e52f0a1bbd9564bf809e727203e54b60add0f9b3335061

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 29 Jul 2023 20:28:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
native.js
s.yimg.com/dy/ads/ Frame 0D25 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
1TMV1XWSWNF9ZMWK
age
85
x-amz-server-side-encryption
AES256
x-amz-id-2
0h+qAEA1IRXzXYRf1jR3MbHcmvDoCtpygO3H2ljo3RYiDS962zloEIvKIBuRcBf/c3jZagRX4QY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
truncated
/ Frame 0D25 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bdf605dce5d98ec561eba36fab55657cd4b1946cfc975cc8b6a33ec42491ca9

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
native.js
s.yimg.com/dy/ads/ Frame 78F6 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
1TMV1XWSWNF9ZMWK
age
85
x-amz-server-side-encryption
AES256
x-amz-id-2
0h+qAEA1IRXzXYRf1jR3MbHcmvDoCtpygO3H2ljo3RYiDS962zloEIvKIBuRcBf/c3jZagRX4QY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
truncated
/ Frame 78F6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d546c4f84d9a0cb28607cab6c0113774500893658fd1b63b0cac9951296b046

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 4B83 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Mwrzzg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 1FBB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?seSWeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f161.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:19 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 0D25 		290 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Sat, 29 Jul 2023 20:28:20 GMT
server
ATS
age
1
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
10
x-xss-protection
1; mode=block
x-request-id
4a6c7b92-00d1-42e6-9df6-7babff7c9db3
b
geo.yahoo.com/ Frame 0D25 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.125.72.139 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
b
geo.yahoo.com/ Frame 78F6 		43 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.125.72.139 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 78F6 		290 B
381 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Sat, 29 Jul 2023 20:28:21 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
11
x-xss-protection
1; mode=block
x-request-id
c22ecc24-8d2e-495b-ae19-0ab6ac1abd8f
Pug
image2.pubmatic.com/AdServer/ Frame 6634
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829100500179
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829100500179
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 29 Jul 2023 20:28:20 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829100500179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pubmatic
d5p.de17a.com/getuid/ Frame B6D6 		35 B
125 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.168 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 6484
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 29 Jul 2023 20:28:19 GMT
expires
Sat, 29 Jul 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
799255
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame ECF9 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 29 Jul 2023 20:28:19 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JK4RYQB4PHHCNTQYJ73K
Pug
image2.pubmatic.com/AdServer/ Frame ABC0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vQCd7LwCy7ymUJzh6gbTu7kFy-imVp29swEBjFdZ
42 B
570 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vQCd7LwCy7ymUJzh6gbTu7kFy-imVp29swEBjFdZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 29 Jul 2023 20:28:19 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=vQCd7LwCy7ymUJzh6gbTu7kFy-imVp29swEBjFdZ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5523
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=968244379336290942&gdpr=0&gdpr_consent=
42 B
296 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=968244379336290942&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1c1fd7df-9805-4d86-afd8-7c5dc5452637
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 29 Jul 2023 20:28:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=968244379336290942&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
91.205.230.195; 91.205.230.195; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 65C6
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261340150374463631&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261340150374463631&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 29 Jul 2023 20:28:21 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7261340150374463631&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame B2BD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibJxpZ-JWxpKSH8HagjfhFvN5sM&gdpr=0&gdpr_consent=
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibJxpZ-JWxpKSH8HagjfhFvN5sM&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Jul 2023 20:28:20 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ibJxpZ-JWxpKSH8HagjfhFvN5sM&gdpr=0&gdpr_consent=
sync
t.adx.opera.com/pub/ Frame 1D30 		0
0
pm
match.prod.bidr.io/cookie-sync/ Frame F589 		0
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 9A65
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMV2ZQAEkkgX0ABY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 29 Jul 2023 20:28:21 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lis1490056-LIS
x-timer
S1690662501.243738,VS0,VE93

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 29 Jul 2023 20:28:21 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZMV2ZQAEkkgX0ABY
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lis1490056-LIS
x-timer
S1690662501.102823,VS0,VE92
/
csync.loopme.me/ Frame 1235 		0
0
bridge
cm.adgrx.com/ Frame 6A0B 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.179 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 29 Jul 2023 20:28:21 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-7
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 760C 		0
0
cookiesync
core.iprom.net/ Frame 7FD7 		0
0
cm
ipac.ctnsnet.com/int/ Frame 07F9 		0
0
i.match
a.tribalfusion.com/ Frame 8BFE 		0
0
pubmatic
ad.mrtnsvr.com/sync/ Frame B30F 		0
0
/
sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/ Frame BFCD 		0
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.taboola.com/sg/rtb-pubmatic-network/1/rtb-h/?gdpr=0&taboola_hm=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&orig=video&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials
true
date
Sat, 29 Jul 2023 20:28:20 GMT
server
nginx
x-fastly-to-nlb-rtt
39700
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E5E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ddj-Ipj5T_-h743TlIpGcQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
23.36.224.187 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-224-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:20 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=44521
accept-ranges
bytes
content-length
5606
expires
Sun, 30 Jul 2023 08:50:21 GMT

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E5E9 		0
0
cr
cr.frontend.weborama.fr/ Frame E5E9 		0
0
/
dmp.adform.net/serving/cookie/match/ Frame E5E9
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=Z2VtYTVMTktVVVlUOWFyLUxMR3R1QTdhZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NzVEOEZFMjItOThGOS00RkZGLUExRUYtOEREMzk0OEE0Njcx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:19 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEbJiMDwbKl_5zFkmGivJms&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEbJiMDwbKl_5zFkmGivJms&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:18 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEbJiMDwbKl_5zFkmGivJms&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E5E9 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4557570919883808046
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4557570919883808046
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4557570919883808046
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fcde6ae8-8588-4830-a265-ccc13a104767&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
75D8FE22-98F9-4FFF-A1EF-8DD3948A4671
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E5E9 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/75D8FE22-98F9-4FFF-A1EF-8DD3948A4671?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.217.214.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-214-211.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0CiNqKxE2uUtrwCTvyeUDrAlbABnGAA-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0CiNqKxE2uUtrwCTvyeUDrAlbABnGAA-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-0CiNqKxE2uUtrwCTvyeUDrAlbABnGAA-~A&gdpr=0
date
Sat, 29 Jul 2023 20:28:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_9f1af562-b244-4186-964a-de9835d4fb14&bsw_param=0c810efa-1685-4093-af12-4c678061e3d0&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 29 Jul 2023 20:28:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0c810efa-1685-4093-af12-4c678061e3d0&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sat, 29 Jul 2023 20:28:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=e58dd153197197b&is_secure=true&networkId=17100&version=1&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALGSFrVDgMbgNPb4nsAAAAAAA&expiration=1690748900&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALGSFrVDgMbgNPb4nsAAAAAAA&expiration=1690748900&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAALGSFrVDgMbgNPb4nsAAAAAAA&expiration=1690748900&nuid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355267517082634137&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355267517082634137&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 29 Jul 2023 20:28:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355267517082634137&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 29 Jul 2023 20:28:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame E5E9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a8dc93f-e62f-4ffb-bec6-500b4f75b0c8-64c57665-5858&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a8dc93f-e62f-4ffb-bec6-500b4f75b0c8-64c57665-5858&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Server
198.47.127.205 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 29 Jul 2023 20:28:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=0a8dc93f-e62f-4ffb-bec6-500b4f75b0c8-64c57665-5858&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pubmaticmatch
match.adsby.bidtheatre.com/ Frame E5E9 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C09C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=3826556028592078&bg=!LS6lLnrNAAZGOVy5Zjk7ADkAdvg8WrAWJyypJng9cS9e_xBiABP9WD7DYpbAg_hwEcxQE_OBUzmo9aryVy66MP__Cco_zhDF2NECAAAAulIAAAAHaAEHmQLtjW_DrYEO1DB0o7Lt_2HbmliY1jKu3SFOf6BzDzwEImL9CEGHBdxW43wmoslHGqhqlBYV-7kuvAYrsqz8EUlN1hYHQna9769UE1sa_OX7yroE35wM7u_zTU3Uc7SZSRPv3VymlN1iqQCBkeFOZXtgG-R2GbSQ-nNFaLWLODUaaVSeW8fYfADvIZlbszkNVXqIZ50AHxm5Qsjfm1onhSLHGXbUjIsZYNQ33aAHyQT3mC1RKF4q6nUXe_m2hkAXD-WgGG_YG0Y6EU3n53Q2rtMd3KdrzLxb15vKaj4Qkg---g24W2974VRZTONc85br-BU-atOWzd78Wsyf0blwnnh70shvZtkdvWZR4wPO9lR-obLYBbItqqgnPBTV-H-BZwbjajjVN9h6wOZTkRRkH5E6EFAh8WRVmrAv8465AKftS6CSrJ7dl8p6zKD5MEAF77neIhA8tpF_YNuzdhpvsICtChUC_skIfb7RROsHaTHISVL6WPuE_2pkz_SNJOgipHstHjCv7jTD9Q3eVFXsj0q2d47sru5nM-q6KVETj6F9wIoq79Knxiwmr0WmR4jvBx-EO9Y1DjSYKZ-yZF4Ab7ykAs5wZqEB9reK6-9XwXORGchtrs6bCXUFlm3zkdMjCozKKnct2xbjRIfF-1W1zD3xdydY7UMHs89VW7COeYM-9kZ5bg9QW69Ze2chAia4d9c7Yr9o3c4ay_sXpbfq-rDSVLGnkoyQIQ12LOYA6haADW5h5T4CIEs-V0DFZlOH5TbQ9nsFmN22kxu4TlGkf7rejTmlhX2t4UHHOrmAU1NiBGbMZ6H3zAe1c574w6uj8c53ECdnIIW2qLEsR47TQe8XQQDRcrdCO2Kk8gLtwlP2Gc6PrkP0vCJ5IBNyT38-JbgG4tJTgHvgBYuO32KLJT_kIrwTaM1TJYMLqiCRATvZTDpyz2MZBZIqFCpV8KNZiGBaXP7lwR1epNNhS5suCv-uX6udh0Do_03QX-Wbf9U
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3E57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=4180726031202261&bg=!rK-lr_vNAAZGOVy5Zjk7ADkAdvg8WsHPKcc6rFJFJv6cnpfeTnfXlTWe1DCxDGwbSYRS2vpgtRptdEngIbTpget8SKCEMLG2zWYCAAAAm1IAAAAIaAEHmQLstLhL0XDsmyjZUNBRUUur2EILjRMfOfyFjIgbstwMQ404J2iUW5mA8aR4x4O-H9gfncUAo8AQD-7Lnp8l6iDcZxOI7RrdkbNT0fxGZo4TiAUfZMO_WtIiH1rk1hT7AjEbo8WxV-rj9sXSbyyMs2QAhHy1gB1jqjQZWVeOgTZ9V47cuphBKpRGhb4zaOAoVn2taAsp8_lu3qajQOoOnDqwTaRKr4v_6bEHjCN7ldxDEqLpnY6zehjCE7Z4L8srKF-aPuA08zNaOsp030zlJYDVX0ReBf4cHLRNN_fZdHlJTGZRQprSRl8qOTDlB9Gm2Jly8d6JwDnpblU0PrHd6I0NjAtlmCA3Yms_dOBWOIQEEa-5dZtsW2ocdErIqX4YI7sBhuJaXbeWKgtuBF5ckjCJAiW7taANRsLYkh-7W_-UsZLBNzDCu9tUnbBbBt6mlBx0TLYbl2omBZ3aDm_T6NnTPJY12pXaLvj0Sj2IFA3xuGC45tH_0wjpF3g9jcXfsHWPFwDpk90SvXD9w7-Mi38Fmf4EKKgDZ_HCI5tOqvpwYDPF-eS8vGL1-zS11-BkCyMAH7rL7lOeklvEjF9pjLZzx3J0RAhTa9-GC8UY4WbFty1AIpLFCHJ3ds6upIMg1pIV_1iilxFw1aHQuIROvzJ2qbSBRQZ7trWYYmoXvZNju2qBq2uRZFKWJ0QBBEoL52HUPpTc1_4t2co7-mBTUoW0b98oDEC3n7HOBrEEoSybER0fEbmLaaS7SCAnICRyGqtRwhg_X4gJwxJFYZ-vNFluC7Yhrk5pMLkUMc_uTxflt1zrU6EKT5MzOgqfiAbsDB2nM12tCHbXTU0ulsjoURsJUZPL4Z9wya7prbrPfHGJItlupg56BMjmyc_OYuq_3JuymNryRZYJFOzxoVF5T7wxOiLgQ7GMgLVgjWmcSUtfBD1pFhW9UoH_rUWwVI5i_HoTzxNMm30qyroZkiQ4f_Pb-NrM0SZRl03S7qpseQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=8550&cid=882518502.1690662495&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690662495&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fyou-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html&dt=%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E5%B0%87%E6%8E%A1%E8%A8%98%E5%90%8D%E5%88%B6%E3%80%80%E9%81%BA%E5%A4%B1%E4%B8%8D%E7%94%A8%E5%86%8D%E8%87%AA%E8%AA%8D%E5%80%92%E6%A5%A3%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?route=HK%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
112
date
Sat, 29 Jul 2023 20:28:21 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
108283
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-lis1490045-LIS
pragma
no-cache
server
nginx
x-timer
S1690662501.095277,VS0,VE112
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 0D25
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1086
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wj3xNqAaSjy%2FKQEUd7GE0oAumbmaWmknaI6EVI0x2tCUTTPCdDJzJmZDH%2F2zhAd%2F%2FO8ZmujN9zGNLuI96bNiyMCFF%2B8buWN9MrvzMovlBxHQoN8q9RNZXVzs2u8wBF0y0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ee81b9aff8403b2-LIS

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
sdk
agent.aralego.com/ Frame 78F6 		0
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 0D25 		975 B
744 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
874
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BeKDgOaWwRhaxmcRFAENPF0KGZtn73U5Uyz1dR%2FAt%2FRxbalJDFG8atAag0Haal1MJ%2FJyaohNgKHA8hxCK2nYZ5tOcrkxsjJs0Scg2MmibiShPs1YrKRe6LOgj2du0UCGHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7ee81b9b684b03b2-LIS
ad_request
ads.aralego.com/ Frame 0D25 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 0D25 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxm6CtRAuVe79pJ_A0T3L6xEd24NoxFIHfPcqLJmEoN-bWxNzKq8NGvIgr7iEf_YKwYv0K52KfmhsWyuuGS92xKXG2ziZfATfSucrhpn1oC0WQg_p_ud0YPT7FO4e15FAf8Ayv1ZhY8mdJ0ar3jADfzVDoEEev3FJPxY_RtgmZhbpdgUZ-JemsJdJYMn5NYWRdPk0b6slGIiC8lE7qXjrYpuNNj7NuVnuAVkfH2VMx0dAA1KjMkh9InbOhHC7awXGV-K_X64nOEmWuIYxV56NRT9MbADnAKMzm6KMYp4-10XN0dsiOU7RvaVWY1jSw8aDJza0E-ILkTGKMcFg&sai=AMfl-YRmPy71vEUAJGif9uwYEbAJjjQNwWIC8lbjoYc4Im6RRr8aX3wjG3sRKs8jr82Se6smRFQM70h4WoATMdpV-s6VC8fCzPpH-A0d-A&sig=Cg0ArKJSzKxkZTMPQfyvEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 29 Jul 2023 20:28:21 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690662501868&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1536&pt=495135474&tz=0&viewable=true&ddast=V8n44CLAacvlxV9WPmnBE4fbmq6sfMOSsAAABgYID-AAlZFsaZaTVxK1Ymw1o0GHnWEsds4VYYR7vRxLPcWFaWISAhy8I4M60mbsXKZFiLBiPPWuKYLdwK42g3mniWG8vKMgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZnaDodPte9Xvf73SU-z1zj9yv8yr_rrfy73mKnw-5WO-0-t-LpcEudDrvPrXE43VKnW-20-9zSo9OtfLo1R6db4nor_3afW_pwuqVPt-Rld4scfrfa5bQLTW-zHQAAAAA8-P___4cAAAAAEAEAAABAAgAAAACFgAr_FgQuAAAAAGD4____1wAgtkGgieRAAK-7yx8AAAAAQAAAAACQAEBAPywBEGO8d-L_________P8YAfeaNjP____8bBj0AHnwAPAgBAAAAGqIoXP5s-7DNTaRAswgjAAAAAFvN5sNHJukEFYsq_____VYArgAABCSOWnlxZNEdlHgLAwAAIDBmgR4Wv9_ssGv8bpf5_________zfzf-YfTRClmVkaocnRazW_gAAAa34BAQDYqBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB2QsvtlsMJuZBhPjZmOy2GYz18ozm7hMG9vKMXF4z113x3UweCRsnw1hmf2-g4JyenrMLoOM5TIZxAcNw3IyCOZnwhaj1WSyWQ5ny8VkMBwNR6P9EcDlAE3EYLmcTBaT3Wq0Gm2Gu9FssEACMZggihYNJqvRaLKYDFejyWq2XOx2G0TRqtVstBkMV7PJbLdbDQfD5WiEJmwxWk0mm-VwtlxMBsPRcDQaIphyzBa-xW6zFg0Gw7VouFu5FY6JYy0abkzOxWY0Mw5ma9HrY7pYXDaLyeRFggFte5E8LdKJbDObbXajwcJl801Gho1lZNsMlpvZxrDxWIwjz0Qs0Zws0onssu9YfLPZYDYzDSbGzcZksc1mrpVnNnGZNraVY-LwtxyzhW-x26xFg8FwLRruVm6FY-JYi4Ybk3OxGc2Mg9la9PqYLhaXzWIy-Ruz5WA2m4yWm31jthzMZpPRcrPv0Bm-q8_ZqCyrJB-dR5tMGw83p0HhMli8a_XpLCwKD9ZouOh0ScTHzs7o9_v9fr_f7_f7_Qat52A2KHzPw184fSzP5XA2ehAbFIpYIrhIJ4KH2e0wvdwSn2fjt4glStNFOtEr_Mq_6638u95ip8PuVjvtPrfi6XBLnQ67z61xON1Sp1vttPvc0qPTrXy6NUenW-J6K_92n1v6cLqlT7fkZXeLHH632uW0C01vs0UsEZwu0onoZTxd1H_kkIu5ZLCaSzaDuWK5WiUAAAAAAAAAAEswyXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxptAEynu____fxwAAAAZOfQAAADo9wFNxa0XeuBK8SuIxWIw3D8AFWKtVqvbjbVaLQ!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=lvlstst-in2_vC!lvlstst-in2_vC!lvlstst1_vC!nonrv_vA!t45!ufm_vG!ul3310_vB&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a865e2239835d63494c807cc398e08ec999b37548036c991412c99fbd4ee2562

Request headers

Referer
https://www.bg3.co/
accept-language
pt-PT,pt;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 29 Jul 2023 20:28:22 GMT
content-encoding
gzip
server
nginx
machineid
1464
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E5E9 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156307&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
pt-PT,pt;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 20:28:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2b8b4ecb3b1cb55363901b8a176686b8.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f5ea085274908fd0a3878df4278663e7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/02dcdf68c81501029fa1b6e468ce0905.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/51342a488381ca61e86428b650f40475.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/a6b823deb358b4ad4afd5bea617848e3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/752b7d2ac71d9233c4b5a47a014b3aa4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2390823954f202a91068b11a95b987fb.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c384fb3bac808cc700dcdcbb5f12bd8c.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/fbde1a3f949f8d8990624f85ecc6774e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ea700ea2d53f67801c0691f5eb5ad8e4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5679d32d0b8b4b34035d459fcb2a7b80.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f21bcbfdb2adcf8614966cf76987457b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/12016a8614d70f1881ec43a9b74ad017.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c3393d50b4fa27a1914d2552f66416a7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c7fb89a1517986682f9cb4ebc504aaa2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b673493b78a256bbaf4174276ed7d55d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/218a15524fc5be8b6179620e81cb5630.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ec95270e3e7da2d4b3b0f97c8fe65486.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0fcb057975ed80f76443b1fb9dd719f6.jpg?w=150&h=100&q=100
Domain
trace.mediago.io
URL
https://trace.mediago.io/ju/cs/taboola
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
sync.crwdcntrl.net
URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=75D8FE22-98F9-4FFF-A1EF-8DD3948A4671&gdpr=0&gdpr_consent=
Domain
cr.frontend.weborama.fr
URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
Domain
dmp.adform.net
URL
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
agent.aralego.com
URL
https://agent.aralego.com/sdk
Domain
ads.aralego.com
URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9095064572198917&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| _taboola object| adpushup object| ucfad_async object| adRecover object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| _typeof object| TRC object| _tblConsole undefined| msg function| setImmediate function| clearImmediate undefined| $ undefined| jQuery function| jqAlias function| runAnimCheck string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| googlefc function| __d3lUW8vwsKlB__ function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id number| ampAdSlotIdCounter object| ucf object| request string| paramsString object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator function| __an6na521li18__ object| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _qevents object| ggeac object| google_tag_data object| google_js_reporting_queue function| _lgy_lift_callback_4308934 undefined| google_measure_js_timing string| nam object| placementData function| quantserve function| __qc object| ezt object| _qoptions object| cmTag object| IMUIDPushed object| IMUIDRequest object| listeningFors number| 3pla object| IMUID object| _cm_wfCounters string| lastWfUrl object| google_reactive_ads_global_state boolean| descriptionPage object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer

71 Cookies

Domain/Path Name / Value
.taboola.com/palmate-bg3co/ Name: taboola_session_id
Value: v2_cb76606f40b83cdb66f5e36be4c6e1ba_e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd_1690662493_1690662493_CNawjgYQ2YJdGNG62ZqaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB
.taboola.com/ Name: t_gid
Value: e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3De16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
.aralego.com/ Name: sspid
Value: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
.www.bg3.co/ Name: _im_vid
Value: 01H6HNCR7MX26M6QH6VXXN23MT
.quantserve.com/ Name: mc
Value: 64c5765e-db8a2-b2151-bcd85
.bg3.co/ Name: __qca
Value: P0-1377713212-1690662494228
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adsrvr.org/ Name: TDID
Value: fcde6ae8-8588-4830-a265-ccc13a104767
.yahoo.com/ Name: A3
Value: d=AQABBF92xWQCEE-kQE_45jqpyHGxbx90CTsFEgEBAQHHxmTPZFkWyyMA_eMAAA&S=AQAAAmVsiPPQPR-fx06UuDHZDZY
.bg3.co/ Name: _ga
Value: GA1.1.882518502.1690662495
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1690662495.1.0.1690662495.0.0.0
.bg3.co/ Name: __gads
Value: ID=9d30a95d176349bf-22cf14ec0ce300a5:T=1690662495:RT=1690662495:S=ALNI_MagNi7TJtG8BuwzHsZm9CWGZPQrsw
.bg3.co/ Name: __gpi
Value: UID=00000d30e3f9188d:T=1690662495:RT=1690662495:S=ALNI_MYfUIfnHFp3j8e2WMqb4DusoX6agg
.rubiconproject.com/ Name: khaos
Value: LKOGSQGA-W-IT7N
.linkedin.com/ Name: bcookie
Value: "v=2&831c9e19-17f0-4ede-8a55-900f09d1a7ae"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3053:u=1:x=1:i=1690662495:t=1690748895:v=2:sig=AQHOcHsH5eJAoUBMBL6fpD1J0IZ_Slii"
.bidswitch.net/ Name: tuuid
Value: 0c810efa-1685-4093-af12-4c678061e3d0
.bidswitch.net/ Name: c
Value: 1690662496
.bidswitch.net/ Name: tuuid_lu
Value: 1690662496
.doubleclick.net/ Name: IDE
Value: AHWqTUmaciYuB4EK2ih0CdMXW4CnjITpZINvEaSvcXFrPR7wVRUFFfTqEx1uXpELq5A
.contextweb.com/ Name: V
Value: Rc1V9QkqZbLI
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1lzr|5Ql.0.e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5d5c2001d082f189
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smartadserver.com/ Name: pid
Value: 585183440520965183
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 107:e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
.mfadsrvr.com/ Name: c
Value: 1690662496
.mfadsrvr.com/ Name: tuuid_lu
Value: 1690662497
.amazon-adsystem.com/ Name: ad-id
Value: A6BRsKgHTEKfk2WKQag8ytA
.mfadsrvr.com/ Name: tuuid
Value: fad5c2eb-8327-428c-bcef-9e7602da2817
.mfadsrvr.com/ Name: ssh
Value: !taboola,1690662497
.rubiconproject.com/ Name: audit
Value: 1|jIxqdqF/j3FYJBcNUPwmKsWiR67S6kFKOsReOlEMI2I5MNZGg2bWXac0IJbacQ3HgQ1RwURAZ7EiZ07GJqnMno4BjqNRGrmz
.3lift.com/ Name: tluid
Value: 1804489621073982743212
.criteo.com/ Name: uid
Value: 7ffabb06-d983-4a97-a752-e871b6e8cf36
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.openx.net/ Name: i
Value: 2291e47e-fd34-0661-2590-9b2e041e2bb6|1690662498
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-89b271a5-9f89-5b1a-4a48-7f076a08df84.lOx5k9dsDD86jWWvqZR%2BvZPsHJ2vfSa8uIGy2HpXe24
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-89b271a5-9f89-5b1a-4a48-7f076a08df84.lOx5k9dsDD86jWWvqZR%2BvZPsHJ2vfSa8uIGy2HpXe24
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AibJxpZ-JWxpKSH8HagjfhFvN5sM.pggWv8CKOwbxR4GD5%2F46aqA09MahTaDrXQij12R5MA8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AibJxpZ-JWxpKSH8HagjfhFvN5sM.pggWv8CKOwbxR4GD5%2F46aqA09MahTaDrXQij12R5MA8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMUxcEjstsY0pNEFcvgXe-dyHuxbYAlo1XESRibKtWraEHwYBCDi7JWmBjABOgTwi70wQgQIKyCM.QpFv6nvKR1vCdETsTP6cSu3o14Ff4bZEG7UwEIWcuP8
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMUxcEjstsY0pNEFcvgXe-dyHuxbYAlo1XESRibKtWraEHwYBCDi7JWmBjABOgTwi70wQgQIKyCM.QpFv6nvKR1vCdETsTP6cSu3o14Ff4bZEG7UwEIWcuP8
.adx.opera.com/ Name: UID
Value: OPU3e70f210a7f9448dba0de0b96d7d081b
.creativecdn.com/ Name: u
Value: llV2ZmVhoA2yewaWt7Oj
.creativecdn.com/ Name: ts
Value: 1690662499
.ads.pubmatic.com/ Name: KCCH
Value: YES
.lijit.com/ Name: ljt_reader
Value: HEDssQZHmMymOLj1Riuo01lI
.lijit.com/ Name: _ljtrtb_42
Value: e16a7173-4008-487e-a1b1-48cd9134f806-tuctbbefbdd
.adscale.de/ Name: uu
Value: e7b19e4558b141d8a2c33506ad0490e0
.turn.com/ Name: uid
Value: 2355267517082634137
.adscale.de/ Name: cct
Value: 1690662499768
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6e5fd2fc-6824-4845-be29-f2e3f8c45d3d-003%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 75D8FE22-98F9-4FFF-A1EF-8DD3948A4671
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156307:2
.pubmatic.com/ Name: DPSync3
Value: 1691798400%3A201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1691452800%3A63%7C1691798400%3A161_55_254_233_264_166_22_238_3_249_54_71_165_21_56_8_81_214_176_220_46_234_13_251%7C1691884800%3A35%7C1691193600%3A15_2_223%7C1693180800%3A203
.quantserve.com/ Name: d
Value: EKMBCwHKKfijAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cx~2d1w:18z8~2d1w"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6e5fd2fc-6824-4845-be29-f2e3f8c45d3d-003%22%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwju9dSXjJ-IPBAFGAEgASgCMgsI7u3XxKKfiDwQBTgBWghwdWJtYXRpY2AC
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2355267517082634137&KRTB&23150-2355267517082634137
.pubmatic.com/ Name: PugT
Value: 1690662500

21 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/2390823954f202a91068b11a95b987fb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/752b7d2ac71d9233c4b5a47a014b3aa4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2b8b4ecb3b1cb55363901b8a176686b8.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f5ea085274908fd0a3878df4278663e7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/51342a488381ca61e86428b650f40475.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/02dcdf68c81501029fa1b6e468ce0905.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/a6b823deb358b4ad4afd5bea617848e3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c384fb3bac808cc700dcdcbb5f12bd8c.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ea700ea2d53f67801c0691f5eb5ad8e4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5679d32d0b8b4b34035d459fcb2a7b80.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f21bcbfdb2adcf8614966cf76987457b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/fbde1a3f949f8d8990624f85ecc6774e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/218a15524fc5be8b6179620e81cb5630.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/12016a8614d70f1881ec43a9b74ad017.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c7fb89a1517986682f9cb4ebc504aaa2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c3393d50b4fa27a1914d2552f66416a7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ec95270e3e7da2d4b3b0f97c8fe65486.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0fcb057975ed80f76443b1fb9dd719f6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b673493b78a256bbaf4174276ed7d55d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2EveW91LXlvdS1saWFuLW1pbmctcWlhLWppYW5nLWNhaS1qaS1taW5nLXpoaS15aS1zaGktYnUteW9uZy16YWktemktcmVuLWRhby1tZWkuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=156307&userIdMacro=PM_UID&us_privacy=1---&predirect=https%3A%2F%2Fsync.taboola.com%2Fsg%2Frtb-pubmatic-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26taboola_hm%3DPM_UID%26orig%3Dvideo%26us_privacy%3D1---
Message:
Mixed Content: The page at 'https://www.bg3.co/a/you-you-lian-ming-qia-jiang-cai-ji-ming-zhi-yi-shi-bu-yong-zai-zi-ren-dao-mei.html' was loaded over HTTPS, but requested an insecure frame 'http://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU3e70f210a7f9448dba0de0b96d7d081b&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

26a913cfa320d0f204fd1581ad0e5bf0.safeframe.googlesyndication.com
72c64af70e5eb37bb8d4e610b6a77eac.safeframe.googlesyndication.com
8a90b2bd4764c30f3c7245686ebb31fa.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ab1d08d97462a9db334f967904413160.safeframe.googlesyndication.com
ad.mrtnsvr.com
ad.sitemaji.com
ad.turn.com
ads.aralego.com
ads.pubmatic.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
bh.contextweb.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
csync.loopme.me
d-40685177173055300122.ampproject.net
d5p.de17a.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.im-apps.net
dsp.adfarm1.adition.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
ib.adnxs.com
id5-sync.com
ih.adscale.de
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.taboola.com
imprammp.taboola.com
ipac.ctnsnet.com
l.logly.co.jp
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.taboola.com
nt.compass-fit.jp
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync.smartadserver.com
static.bg3.co
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.crwdcntrl.net
sync.logly.co.jp
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
a.tribalfusion.com
ad.mrtnsvr.com
ads.aralego.com
agent.aralego.com
cm-supply-web.gammaplatform.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
dmp.adform.net
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.prod.bidr.io
static.bg3.co
sync.crwdcntrl.net
t.adx.opera.com
trace.mediago.io
um.simpli.fi
103.231.174.251
104.26.5.103
108.138.7.39
124.146.215.52
13.107.42.14
13.113.50.131
141.226.224.32
141.226.228.48
142.250.181.226
142.250.184.194
142.250.185.163
142.250.185.168
142.250.185.174
142.250.185.65
142.250.186.130
142.250.186.132
142.250.186.138
142.250.186.65
142.250.186.66
15.197.193.217
151.101.129.44
151.101.193.44
151.101.2.49
151.101.65.44
162.19.138.120
162.210.196.208
172.217.16.130
172.217.18.2
172.217.23.110
172.64.103.25
178.250.1.11
178.250.1.9
18.66.97.52
185.106.33.48
185.184.8.90
185.64.190.81
185.64.191.210
185.86.138.150
185.86.139.93
188.125.72.139
192.96.203.13
193.0.160.131
198.47.127.19
198.47.127.205
2.16.202.65
2.16.238.159
2.16.241.77
208.93.169.131
213.155.156.168
216.52.2.86
216.58.206.33
216.58.212.161
23.212.211.47
23.36.224.187
23.97.225.52
3.122.46.227
3.233.145.252
3.65.77.190
3.75.62.37
34.120.96.193
35.156.62.67
35.186.215.140
35.210.239.72
35.244.159.8
37.157.6.254
37.252.173.215
46.228.164.11
46.228.174.117
52.198.195.5
52.46.128.147
52.57.87.82
54.166.70.66
54.217.214.211
63.215.202.137
64.233.167.157
67.220.228.200
69.16.175.10
69.173.144.138
69.173.144.165
69.173.158.64
72.251.245.179
76.223.111.18
82.145.213.8
85.114.159.118
87.248.100.137
87.248.119.252
88.221.169.246
91.228.74.166
98.98.134.241
99.86.91.74
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02bf991484254138d067721b5df53637469c8b5023d0ba8fc49097b51f847316
031277f080ed721fc6e52f0a1bbd9564bf809e727203e54b60add0f9b3335061
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04a4da74868876d08873ac8dfa79b120cc7614ba36031cef19e655588ae6cbfe
054e46e8e697376f028a8bcbeb426d6569965da575478f81fbffa9cdfc3d4bed
06eda23d73af6a281c07f5f8da4665297a1d339e0ea7a79928ea0b2381e1e3b6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4
0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1
0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12c891a24b58fed07f1273f81563003d72560e5373a75681759182c474517d0f
13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19a95ba9c933d2d3798025717a189d2f87680fc882f2fb956b272b59fe97d706
1aaf025f639a470b07578e4d8ff25534d985e0a1b823e48adcd03d565461b76f
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1e1cfc9ea007507336a48da366da275f8e35e341e544267e6082a12417afe29c
1fa0616a1df4a0404c8640f675de1f19aefdb9be8fd52a889683cc9f7d888318
226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc
22e086dfa5f95b6b57f03fe1510874b80bbf43952fa16e97c661ef65afd7cd39
2302f9f18f9519c66d0372bc2474ac255fad28b087c578ccf6d0f653b2149e61
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2720161e5d2e0d31c75451adf76cf9c533c2db7e130dd9d2b0565feda0f96828
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f5cecd935167816a958b990c159685f19df5d42134d4edd46f15ba67b5a7f67
30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53
354870399cd25b9a3e2d93b89ab95c7d37b034d9a813a3508eebeba38b09330b
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3890daf7d48a0e1db6064078f5fcac464194d2b8a84d386acdf93b4d84bb322b
391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3d546c4f84d9a0cb28607cab6c0113774500893658fd1b63b0cac9951296b046
3d82042ad290dcced0c94b6634da2d1e0c51fad71a2952e5e97accb3256ffb53
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4250cad4df87001d8741c81b205806e7e6d450e4570e56711af3c1feb20addd1
426464c2334334cbbabcfa4f07137c7aefa6264e2ae68528e9a1e346d5f14067
43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4bf2dc242cae49d2b3f8d24aebb7354d3304d257435af62ba6245481e765858a
4c08aed45b6d50840298de3ecde4f178161e5d27d3519ee9a074458db0d1f3ec
4c91faa70440659b95d1141959a87f0298fbd6239057f57b03910c7a395dd9eb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5770d0ab0f132c17e357c960ca4e6e0c48ea1cdb4136c2b032c84d99cffa40ef
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5cadff2350fc773eb3b6a411312da427b6fb32db569f2ba7769f4aac55091dc0
6186e8ee89cd8af48bfa175c4c301e586b4683d8d24768162478dfbe00fab148
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
68cde69b89dc60568795e7009e5e712873a1ccd7a2883b11d0beab7261bb8f08
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b58feb38239b5401f1a51db3c0229ac8890f933ca12a2d3f5b7b6a1ba9a85a2
6b6ea3431c92182abf69cd7d5ae0fcc5463a22a48d89e39514eba875749dbdbc
6d1a486fb7bf4bf3652ed47683e0564b1d331a8972766b017eb442f6fc743a73
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ddbb71ac5e7ebafb5abfa20ebb2bfa3a987971835a10112cabd7d54f45c2c30
744d7fd2eff83541a5bb71b6a8a7d78898279e1e4ad18d066a0aaead5f451583
772d8483dc798469eea18fd2f54c65b20f1ea04be605c7a88deddf020abe47bb
795d055db93e8db11f35f8c20d60ffa7109e9c162c1eb4f7d5ced34d3aff4e11
7ba3673609431c0870316b3662d1d1c33e7cf76395d8403d7d3e10bfeb8c55d6
7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86195014b2476ea609c147c86ffca7082fb59d5c2cd9d1d67f8706b93ec5164e
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a22964b2ebdc11d24988421a5d2f93bd9347282a837c664c4515e0b3611b3d6
90272552cc714c842df1bc17bf5b899eec2263a7eda39b1718460b49413adf93
91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
9861eb034ef45f9f5cab43f085a41b48d9914860983209d1146c9ef7f8ee9220
98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656
9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce
9bdf605dce5d98ec561eba36fab55657cd4b1946cfc975cc8b6a33ec42491ca9
9cdc95083c5dd815740afe83dea84a27d82d2d69a56dda26d1330bfc525f7086
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a17345f4abaec8554f4d73763a88c08376893754f5ec5feee5316affbc1152f6
a1e0104a48426dc0e5046b42b03fd47e86d9ba08e52cca42c730f0234420ec90
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a865e2239835d63494c807cc398e08ec999b37548036c991412c99fbd4ee2562
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31
b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b437d1ea8c9296a76a0a849a07df4506bf624c3e0f3c70a14f03aa88f5fec89b
b673b0fa1f8bc3b2b034f13fa12aafb26e144ac9dcf166968b105c2fddb15f99
b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60
b8a6b67b95245dbbe4fddb8aa4395636d755750b2affdf62f2256bc5cc3b2b93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39
bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5
c3e5aa1b802f28e02cc30d7af3a93b0486acd6d760a0f37b9d6d8062d8fc78e2
c40f4202b123681dc33040e0be4ac0a4a2f1b00c830270756b5a5b837fee6cac
c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7
cf32a0b22742f77f0abb7f5700289413dcf6de02ce36f38c7f10a5f4110cdf48
cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0f3d7754e1bf4449ded1ebfc66565b5f6a315ab23ab58b77d5a2e93f044217b
d4b6b3a570aaaee50d8c32037a81201e0743dd5784cb2210a5294bed22bf55ef
d4ee5589a97dff6c4f94d8ece14b927c3368f973c4904acd293cb3124fccb9ae
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e29d3608e200a6a41e61fe6456ddcb0244365f58b4ca23e5b42bb61b36f98f1c
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c2fd3338f40d87ff3958f3658ae46766a81eaf3f5831537868a7c8e8ca70e4
e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d
e9d2e472df016fd88041e028c9013f1da9c88ae1b53e15662cbadaff27f1575f
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eeeb1b748dff92e0111bdb9a7753df82f4895c0f794b05f38798fb1e59a68766
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36301af8d50584ad99a661ebc5e8f0a713472f64051735f04972c32cb0c9b32
f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f879746a70583d6f77d1b458fff9f6f31be647429f96f27d9c62642d453fc618
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
fe5cd899825d3c11ef63d2c9e2ce6aa1d84b13370d14ebf28225492c62ed43b1
feff14ae38fc7613f73173ce4bf6b37b28aa8e50516acc0dbd03d09c8240ff72
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e