www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Submission: On July 29 via manual (July 29th 2023, 5:30:52 pm UTC) from US — Scanned from PT

Summary HTTP 306 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 55 IPs in 11 countries across 47 domains to perform 306 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
15	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
1 5	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
11	172.67.71.254 172.67.71.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.19.126.212 2.19.126.212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2.16.238.154 2.16.238.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
47	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	52.199.103.74 52.199.103.74	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
29	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3 24	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
2	91.228.74.208 91.228.74.208	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
4 9	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	172.64.102.25 172.64.102.25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.186.136 142.250.186.136	15169 (GOOGLE) (GOOGLE)
1	18.66.97.81 18.66.97.81	16509 (AMAZON-02) (AMAZON-02)
1	108.177.15.156 108.177.15.156	15169 (GOOGLE) (GOOGLE)
2 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 3	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
8	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	142.250.186.138 142.250.186.138	15169 (GOOGLE) (GOOGLE)
2	2.23.209.46 2.23.209.46	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.64 108.138.7.64	16509 (AMAZON-02) (AMAZON-02)
2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
2	99.86.91.21 99.86.91.21	16509 (AMAZON-02) (AMAZON-02)
4 6	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
18	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2 21	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
6 9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
7 7	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 4	52.212.161.120 52.212.161.120	16509 (AMAZON-02) (AMAZON-02)
4 4	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	52.198.195.5 52.198.195.5	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
5 6	3.124.175.54 3.124.175.54	16509 (AMAZON-02) (AMAZON-02)
4 4	3.122.169.238 3.122.169.238	16509 (AMAZON-02) (AMAZON-02)
3 4	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	124.146.215.52 124.146.215.52	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	18.195.209.186 18.195.209.186	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.155 185.86.138.155	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1	185.86.138.151 185.86.138.151	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 1	54.166.70.66 54.166.70.66	14618 (AMAZON-AES) (AMAZON-AES)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
2	87.248.119.251 87.248.119.251	() ()
2	87.248.100.136 87.248.100.136	() ()
2	188.125.72.139 188.125.72.139	() ()
306	55

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aea27087672024348e5c27a97646f1ec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c860ad800c2e5b518eaa71d8b6181e7d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f51d3f49a8470571c5649f9a740b70bd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
882512478141f5c80841a20b1c5d3b55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.126.212 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-212.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.238.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-154.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.199.103.74 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-103-74.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.208 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

d-35970974683141977892.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.210.196.208 (Ashburn, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.102.25 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-81.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.201.255.110 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.209.46 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-46.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-64.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.91.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-21.cdg50.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.138 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.33.220.150 (Seattle, United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.161.120 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-161-120.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.71.149.231 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.198.195.5 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.124.175.54 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-175-54.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.122.169.238 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-169-238.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.52 (Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.209.186 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-209-186.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.70.66 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-70-66.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (South Africa)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.251 (None, )

ASN- ()

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.136 (None, )

ASN- ()

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (None, )

ASN- ()

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	taboola.com 2 redirects cdn.taboola.com — Cisco Umbrella Rank: 861 trc.taboola.com — Cisco Umbrella Rank: 616 vidstat.taboola.com — Cisco Umbrella Rank: 2544 il-trc-events.taboola.com — Cisco Umbrella Rank: 18940 images.taboola.com — Cisco Umbrella Rank: 1756 imprammp.taboola.com — Cisco Umbrella Rank: 13588 am-match.taboola.com — Cisco Umbrella Rank: 13614 wf.taboola.com — Cisco Umbrella Rank: 2645 am-vid-events.taboola.com — Cisco Umbrella Rank: 12767 sync.taboola.com — Cisco Umbrella Rank: 1093 vidstatb.taboola.com — Cisco Umbrella Rank: 4741 sync-t1.taboola.com — Cisco Umbrella Rank: 1328 match.taboola.com — Cisco Umbrella Rank: 5811 pips.taboola.com — Cisco Umbrella Rank: 1537 cds.taboola.com — Cisco Umbrella Rank: 1770 am-wf.taboola.com Failed	1 MB
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 aea27087672024348e5c27a97646f1ec.safeframe.googlesyndication.com c860ad800c2e5b518eaa71d8b6181e7d.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 f51d3f49a8470571c5649f9a740b70bd.safeframe.googlesyndication.com 882512478141f5c80841a20b1c5d3b55.safeframe.googlesyndication.com	571 KB
28	rubiconproject.com 15 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155 eus.rubiconproject.com — Cisco Umbrella Rank: 618 token.rubiconproject.com — Cisco Umbrella Rank: 613 pixel.rubiconproject.com — Cisco Umbrella Rank: 380 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30277 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1195	55 KB
27	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	780 KB
14	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 34825 sync.aralego.com — Cisco Umbrella Rank: 3157 agent.aralego.com — Cisco Umbrella Rank: 259927	7 KB
12	yahoo.com 8 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 ads.yap.yahoo.com geo.yahoo.com	5 KB
11	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13254	203 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 427	219 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 379	3 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1659 www.google.com — Cisco Umbrella Rank: 3	13 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 18007 e3.adpushup.com — Cisco Umbrella Rank: 18875	277 KB
6	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 350	2 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 319 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1121	4 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58	402 B
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 96246	39 KB
4	openx.net 3 redirects us-u.openx.net — Cisco Umbrella Rank: 482 u.openx.net — Cisco Umbrella Rank: 716	942 B
4	mfadsrvr.com 4 redirects rtb.mfadsrvr.com — Cisco Umbrella Rank: 1139	3 KB
4	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 62021 sync.logly.co.jp — Cisco Umbrella Rank: 67250	2 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26212 audiencedata.im-apps.net — Cisco Umbrella Rank: 28818	3 KB
2	yimg.com s.yimg.com	60 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	113 KB
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 403	740 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 607	1 KB
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 1006	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 823 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 689	772 B
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 2950	630 B
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 973736	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	912 B
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 417 dis.criteo.com — Cisco Umbrella Rank: 623	826 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	83 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1273 pixel.quantserve.com — Cisco Umbrella Rank: 1017	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 743	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 29387	12 KB
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 1818	467 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 764	1 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 423	1 KB
1	contextweb.com bh.contextweb.com — Cisco Umbrella Rank: 554	882 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 763	245 B
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 898	188 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1129	725 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 384	516 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1198	633 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20002	3 KB
1	ampproject.net d-35970974683141977892.ampproject.net
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 88617	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	12 KB
306	47

	Domain	Requested by
29	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co
16	il-trc-events.taboola.com	www.bg3.co
16	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net agent.aralego.com www.bg3.co www.googletagservices.com
16	cdn.taboola.com	www.bg3.co cdn.taboola.com
14	images.taboola.com	www.bg3.co
13	sync.taboola.com	2 redirects imprammp.taboola.com am-match.taboola.com www.bg3.co eus.rubiconproject.com
11	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
9	pixel.rubiconproject.com	6 redirects eus.rubiconproject.com
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com nt.compass-fit.jp am-match.taboola.com
7	match.adsrvr.org	7 redirects
6	x.bidswitch.net	5 redirects www.bg3.co
6	www.google.com	tpc.googlesyndication.com
6	cm.g.doubleclick.net	3 redirects eus.rubiconproject.com www.bg3.co
6	token.rubiconproject.com	4 redirects eus.rubiconproject.com
6	trc.taboola.com	cdn.taboola.com imprammp.taboola.com am-match.taboola.com www.bg3.co
6	www.google-analytics.com	cdn.ampproject.org www.bg3.co www.googletagmanager.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	sync.aralego.com	ads.aralego.com www.bg3.co eus.rubiconproject.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
5	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
4	agent.aralego.com	4 redirects
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
4	sync-t1.taboola.com	am-match.taboola.com www.bg3.co
4	rtb.mfadsrvr.com	4 redirects
4	ups.analytics.yahoo.com	4 redirects
4	pr-bh.ybp.yahoo.com	4 redirects
4	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	sync.logly.co.jp	nt.compass-fit.jp eus.rubiconproject.com sync.logly.co.jp
3	secure-assets.rubiconproject.com	3 redirects
2	geo.yahoo.com	adx.holmesmind.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	eb2.3lift.com	1 redirects www.bg3.co
2	u.openx.net	1 redirects www.bg3.co
2	c1.adform.net	2 redirects
2	ce.lijit.com	1 redirects www.bg3.co
2	ih.adscale.de	2 redirects
2	us-u.openx.net	2 redirects
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	882512478141f5c80841a20b1c5d3b55.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	f51d3f49a8470571c5649f9a740b70bd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel-us-east.rubiconproject.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	t.adx.opera.com	www.bg3.co
1	sync.srv.stackadapt.com	1 redirects
1	match.taboola.com	www.bg3.co
1	id5-sync.com	www.bg3.co
1	dis.criteo.com	1 redirects
1	rtb-csync.smartadserver.com	www.bg3.co
1	bh.contextweb.com	www.bg3.co
1	simage2.pubmatic.com	www.bg3.co
1	trace.mediago.io	1 redirects
1	ssbsync.smartadserver.com	www.bg3.co
1	tg.socdm.com	1 redirects
1	vidstatb.taboola.com	www.bg3.co
1	pixel-apac.rubiconproject.com	1 redirects
1	px.ads.linkedin.com	eus.rubiconproject.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	imprammp.taboola.com	vidstat.taboola.com
1	c860ad800c2e5b518eaa71d8b6181e7d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	aea27087672024348e5c27a97646f1ec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	l.logly.co.jp	nt.compass-fit.jp
1	fonts.googleapis.com	cdn.taboola.com
1	gum.criteo.com	cdn.taboola.com
1	pixel.quantserve.com	www.bg3.co
1	stats.g.doubleclick.net	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-35970974683141977892.ampproject.net	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	am-wf.taboola.com Failed	vidstat.taboola.com
0	static.bg3.co Failed	www.bg3.co
306	90

This site contains links to these domains. Also see Links.

Domain
www.nivabupa.com
popup.taboola.com
trc.taboola.com
find-dubai-properties.fyi
fbe745.snzgdl.com
fat-removal.cyou
trck.tracking505.com
redirectmobile.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.contextweb.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-10` - `2024-05-09`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 39 frames:

Primary Page: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Frame ID: 02D30255ED2BCFE8AC60DD83ECB4C345
Requests: 147 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16145007231992178366&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=563003342&ga_cid=amp-5nlfWpJ6whHBerMzyL3wyA&ga_hid=3342&dt=1690651844604&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&bdt=1234&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 691357CCB6D8CEFFC7C7A4AB37783789
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F8180360E537E9B4E7C1EBF2D5721DCA
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: FDF9B897954385CA39C707D9128B3296
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 6AE56DE1631CCD83CE8487BD047A861F
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FD0CCF3F02BCC8C46D262E48D425614D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F49F2D80309D0A75C29C2CB3AC618FFE
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: D22714BA3128A9E9415EDED06EDE1233
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 3EF42D965CF7DDA7D3CE1C8B2F6ED0FB
Requests: 1 HTTP requests in this frame

Frame: https://aea27087672024348e5c27a97646f1ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3A643E0AD2B700EF0E9FEBD0E6B05319
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 6041B13C2D6BB42C026F7DC234303F61
Requests: 5 HTTP requests in this frame

Frame: https://c860ad800c2e5b518eaa71d8b6181e7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: FAAD3462BA855AB94CA34ADB1A95CA39
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 760F9A180BADDF3B4AF24917ACCF4BCA
Requests: 5 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&cmcv=&pix=undefined&cb=1690651846398&uv=3308&tms=1690651846398&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4c425e44-f7da-454d-90d8-28ed04b91b0a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: BCB3C7A1E83FC211067AD6A78B73B1D3
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 245B0E5163022C172F356DDA7FE231ED
Requests: 4 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 930D8B8FCC6251583A83EDBCB8846477
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 437085FBE9A12F77C337A231ACCAD40C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89CCD54CACB9998BDB35A57BE97713ED
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B36ACDD12A69C33E26B0B3ED3970BDFB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 796EB5480BDF5D489F89F87514188F88
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 25A1B97EC338A2C426C000560DB347C7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 11D305835584D6FCC86BBDA69E949D0F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 906B56D8CE7D36B350091AB9388DBAFF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E3520CF18D27B7BD827E7BDE46DD185
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65B804573E05CB90AE37275AA3598DD3
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D023AE2B996AB7601863D2C5FE05B8A4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Frame ID: 0E925BCAE54760B4CD5F0FECFC31B7F6
Requests: 3 HTTP requests in this frame

Frame: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0
Frame ID: 68BE8C8857F0101B8C6A5528A765847A
Requests: 1 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMVMyMCo8XoAAC3iuYQAAAAA
Frame ID: E458CDED0C8C2DBE2773D5D48C90D964
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 219CFD6C4F6E2962C0B4B27EDC9320EC
Requests: 6 HTTP requests in this frame

Frame: https://f51d3f49a8470571c5649f9a740b70bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: F23E52F4765BCFCAB770781AEDCCD4D0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqXzcPZrasmtk_Q_angVnaDH5WlyBGrCvZo04s1WPt5nlfAjFCQrK9U2EC-BvclJwpkRnjFWdXSpsaH8DfVKO0vPLxtky3uZENrCNWeSGUB2y0rP6mit6wsg_OQIzOrek_wYk2xLPYwi-eB1u3aYlK9b8xxYhXDOCEmJeXuWn7rxNpHKFpoYAq-GYgldET-25GPMMce6YQ9XaXBB6-z-d3icJ0Wc3coWJEIDhT5oVc8sbdLnqpT5ISt7Ze0PnfjiNjrtcwUcFsdnuTETKLAahY5T93ZVy0fU5QUp771stKqz41kml9uL_GynNshh12dqwOjWd-AqesrMmN&sai=AMfl-YQx25QLiqT3R450f-PFYyR1xsZwCRRF8U7Z7m3dCZj0ikcbEDKzizu5p3l9RzWrRMgNjebKdi1j0dnUxB5n_CG3XSwnSxOMRkjIgg&sig=Cg0ArKJSzFa2wmcZwCCVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B80132A61A6A649EA91876A497D0CBCB
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 821A654756CE7931873C8AD73067F471
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 445D3E1092D112572A558D12A7D2134B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: A6DA9FC827BD39EE566DF2433C832BF3
Requests: 5 HTTP requests in this frame

Frame: https://882512478141f5c80841a20b1c5d3b55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: BD753C77B3FB8D63AB2A9BCE9CF9017B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGxAbrLCG4VfuMqMFz0wPiCNwPCSpkfUmjM_LQ1iLMso0STKknOpey4ydfV7sY5GDPqb1WJxgAwjcwCDBYE1YiAUo5YQNWmy7b0K-TRubg1ZAvenf4VuRX7fyi4TqvSGCRxjArSnf8lRBaEfXgpUUuv_MtB-V5ixyRsnbVbRescqd6l7hsTmWfY6S6Bn6BrTOVa-uWEkHqB2fW3Bh6RM8WoTTYBLiGK9QmAfXpfLKIBAio_UJ7WnBE7_rUAvFX3P2d-hYwrtbb-xIdqSyT3SaJ8A1gBosnAJ9fLnCv_mw9jRy7-mb5Jg7l3rTVZ0idtnCrhlZ7HyHI7LhS&sai=AMfl-YS3gzuKz0Nf4lQH46ARd6p5kYmtnREIbISTpawDCqIcclzEIabWm2IsqROZKA_IXZJMjYVWOPpGMnBeD0FakmAKJj--VxGIYvfifg&sig=Cg0ArKJSzBJdbsbiGeZqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6727C138AD0C32BBF45C8A34A4B64DB4
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3040BA364A4307AA95A5C4B957E25B58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A50CD3FC391859819DD108296475667
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

股市內參早報：逾千家公司發佈三季報 3新股申購 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

306
Requests

76 %
HTTPS

0 %
IPv6

47
Domains

90
Subdomains

55
IPs

11
Countries

3726 kB
Transfer

11022 kB
Size

60
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nivabupa.com/health-insurance-plans/get-quote.html
Title: Niva Bupa

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=9eb05f2de1f032ff8b16e39f8e046327&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~7288997574164782029~~-rS5Fued0X8kqcvPUMJVnaujVKCFFJ_sLMnliboV36V9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l146VGrXJTnLkZ90Wf1nL25LYp23fQj64lUNo-UCIuO7L-IqxvM84vF1benwJDYswI2fKEa_P0LQyUtg6XAl9gYIvyQYfTefitx5XhVCEQBHkvWqNfk_pH4yPZ1iYFsBKMaRb_dedjYpQu418uFRKAt6&pt=text&li=rbox-t2v&sig=f15739e793243fb15161058364463983558a7482340a&redir=https%3A%2F%2Fwww.nivabupa.com%2Fhealth-insurance-plans%2Fget-quote.html%3Fcid%3Dpaid%26utm_source%3Dpaid%26utm_medium%3Dcpc%26utm_campaign%3DTaboola_HI_Desktop_June%26utm_content%3Dpalmate-bg3co%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCQx18ova-s96mQ_5Fe%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCQx18ova-s96mQ_5Fe&vi=1690651845004&p=armworldwide-nivabupa-sc&r=79&tvi2=-2&lti=deflated&ppb=CLkB&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://find-dubai-properties.fyi/
Title: Dubai Apartments | Search Ads

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=f57104aec8e7d674f2695d2628866e56&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~197918814276273199~~C7-Ve0fhq3z7OWQbu9mdzbX1094xBs68rrLk2sBWvTyy8-DslDPVOzDmYvQoTnRYJt2e4fghomDtwrE-lyey0LT_KGFdD1etn4hCdxpL3ZQQrddRmfuY6dnfmd6wuJYf7VkODyVu589y2027397e12ZeUDL-7XNFsqaSiGvSNZAZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=71576fe9534974582a976ef13aeb18d929c8c683f276&redir=https%3A%2F%2Ffind-dubai-properties.fyi%3Fref%3Dtaboola-palmate-bg3co%26sub_id%3Dpalmate-bg3co%26sub_id2%3D1930-dubaiapartments-taboola-all-cp15%26tbid%3D1353010%26tbclick%3Dsysclick%26compkey%3DDamac%2BCavalli%2BDubai%26rskey%3DDamac%2BCavalli%2BDubai%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCellQozui4ndbEu9GHAQ%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCellQozui4ndbEu9GHAQ&vi=1690651845004&p=southportintelligence-southport33-sc&r=70&tvi2=-2&lti=deflated&ppb=CO0D&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Search Now

Search URL Search Domain Scan URL

URL: https://fbe745.snzgdl.com/
Title: SUV Deals | Search Ads

Search URL Search Domain Scan URL

URL: https://fat-removal.cyou/
Title: Affordable Liposuction

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=d0b8485eda8dc19f2431671de195d213&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~7782204487545993869~~p_Q9v3BBblEIDvcoG1abdRVOIIsZisu9M1cmudL-yX9w6cLzOYgYTH58zK8cIqqSUXWgfJkco-cUTANBFBMHVcDa526Yvrqwa4mfnJdUExbWBLBkRdpflL09Zgr9CrfuRdbgwlJdnqyroTPEQNNEn08khD7XSNI0_tTUXh7XlvLg2TGou6_0dkOzWPVaY4wbEoaieyh3s6ky3D8VukcSfA&pt=text&li=rbox-t2v&sig=780f01885a98cb16008d8816fe0873b89d37a1fd63ba&redir=https%3A%2F%2Ffat-removal.cyou%3Fnetwork%3Dtaboola%26site%3D_Below%20Article%20Feed%20%7C%20Card%203_%26adtitle%3Dliposuction%2520cost%2520near%2520me%26kw1%3Dliposuction%26kw2%3Dweight%2520loss%2520injections%26kw3%3Dlaser%2520fat%2520removal%2520near%2520me%26kw4%3Dlaser%2520fat%2520removal%2520cost%26kw5%3D%25E0%25A4%25B2%25E0%25A4%25BF%25E0%25A4%25AA%25E0%25A5%258B%25E0%25A4%25B8%25E0%25A4%2595%25E0%25A5%258D%25E0%25A4%25B6%25E0%25A4%25A8%2520%25E0%25A4%25B2%25E0%25A4%25BE%25E0%25A4%2597%25E0%25A4%25A4%26kw6%3Dliposuction%2520How%2520much%2520does%2520it%2520cost%26pxtb%5Bcid%5D%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4o-O64g-Gw2_ndAQ%26pxtb%5Bec%5D%3DClick%26sub1%3DTaboola%2520Fat%2520Removal%2520IN%26sub2%3D3683760379%26sub3%3DDesktop%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4o-O64g-Gw2_ndAQ%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4o-O64g-Gw2_ndAQ&vi=1690651845004&p=korucomdigital-fatremoval-sc&r=18&tvi2=-2&lti=deflated&ppb=CJ8B&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/f35bc685-ad1b-443a-a9ee-fc01087df945
Title: Villas In Dubai | Search Ads

Search URL Search Domain Scan URL

URL: https://redirectmobile.com/
Title: E-Bikes

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=79061100fd5085459dd3a8584546656b&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~-8713129547817781458~~ltg998LhVJcD9vgyiqCNpjFKfMj30G-Y-lXFnUyDFjV9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kD7VbyU9qGbFCk3G1JTsLXxl1mVd4DmaUfz5E2bcg-knDS7lSMSbOdSOgXbWglkWWmQQg1RpdPFKoYohHjXZN5gaE3iK7ebMf8nQ4vZ9kk8x4nihmyDN13ihF0TfT4aHNg&pt=text&li=rbox-t2v&sig=b3045d0f8d10903a1337617a33459c45ece973f14824&redir=https%3A%2F%2Fredirectmobile.com%2F%3Fmk%3DqZCs9ivld2%26ci%3D25429427%26ad_id%3D3697408933%26ad_title%3DElectric%2BBike%2BPrices%2BIn%2B2023%2BMight%2BSurprise%2BYou%2521%26cust_id%3D1524057%26cust%3Dpalmate-bg3co%26de%3DDesktop%26timestamp%3D2023-07-29%2B17%253A30%253A45%26source%3D2%26ct%3DE-Bikes%26mp%3DIN%26ln%3DEN%26pxtb%5Bid%5D%3D1319041%26pxtb%5Bec%5D%3Dclick_event%26pxtb%5Bcid%5D%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCBwVAohczxx6vW8cMb%26pbd%3D0%0A%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCBwVAohczxx6vW8cMb&vi=1690651845004&p=medianet-homegarden6-pp&r=69&tvi2=-2&lti=deflated&ppb=COAD&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Search Now

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=2e6cad85d3fcccf885dd9fbd98735fe2&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~7288997574164782029~~I58SC-bAAgEGCiILs-2AFaujVKCFFJ_sLMnliboV36V9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l17ll8U7U8fxWpPkiBRjEp7GYp23fQj64lUNo-UCIuO7L-IqxvM84vF1benwJDYswI2fKEa_P0LQyUtg6XAl9gYIvyQYfTefitx5XhVCEQBHkvWqNfk_pH4yPZ1iYFsBKMaRb_dedjYpQu418uFRKAt6&pt=text&li=rbox-t2v&sig=c5d24de6d43c41a1d42be7d2334f5529f187a6683fb3&redir=https%3A%2F%2Fwww.nivabupa.com%2Fhealth-insurance-plans%2Fget-quote.html%3Fcid%3Dpaid%26utm_source%3Dpaid%26utm_medium%3Dcpc%26utm_campaign%3DTaboola_HI_Desktop_June%26utm_content%3Dpalmate-bg3co%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCQx18okKCHz8Cn2viFAQ%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCQx18okKCHz8Cn2viFAQ&vi=1690651845004&p=armworldwide-nivabupa-sc&r=12&tvi2=-2&lti=deflated&ppb=CMQC&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=2e6cad85d3fcccf885dd9fbd98735fe2&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~7782204487545993869~~j4WWw7yVmwR7QZdds6DvxhVOIIsZisu9M1cmudL-yX9yNpbgedRdYuhjTdtdbeHkMimiSNEhmdNXWfo7jHlSEcDa526Yvrqwa4mfnJdUExbWBLBkRdpflL09Zgr9CrfuRdbgwlJdnqyroTPEQNNEn08khD7XSNI0_tTUXh7XlvLg2TGou6_0dkOzWPVaY4wbEoaieyh3s6ky3D8VukcSfA&pt=text&li=rbox-t2v&sig=8705307d78d40fedf93f6a58ac1a69a3ef04fd437713&redir=https%3A%2F%2Ffat-removal.cyou%3Fnetwork%3Dtaboola%26site%3D_Explore%20More%20%7C%20Card%202_%26adtitle%3Dliposuction%2520cost%2520near%2520me%26kw1%3Dliposuction%26kw2%3Dweight%2520loss%2520injections%26kw3%3Dlaser%2520fat%2520removal%2520near%2520me%26kw4%3Dlaser%2520fat%2520removal%2520cost%26kw5%3D%25E0%25A4%25B2%25E0%25A4%25BF%25E0%25A4%25AA%25E0%25A5%258B%25E0%25A4%25B8%25E0%25A4%2595%25E0%25A5%258D%25E0%25A4%25B6%25E0%25A4%25A8%2520%25E0%25A4%25B2%25E0%25A4%25BE%25E0%25A4%2597%25E0%25A4%25A4%26kw6%3Dliposuction%2520How%2520much%2520does%2520it%2520cost%26pxtb%5Bcid%5D%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4omZi0sL6c09OGAQ%26pxtb%5Bec%5D%3DClick%26sub1%3DTaboola%2520Fat%2520Removal%2520IN%26sub2%3D3683760379%26sub3%3DDesktop%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4omZi0sL6c09OGAQ%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4omZi0sL6c09OGAQ&vi=1690651845004&p=korucomdigital-fatremoval-sc&r=41&tvi2=-2&lti=deflated&ppb=CMQC&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=15b94b4388d26ab7085e2392401686d5&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~197918814276273199~~C7-Ve0fhq3z7OWQbu9mdzbX1094xBs68rrLk2sBWvTw4oLuNcxrjYM4Yy6NbmFF6Jt2e4fghomDtwrE-lyey0LT_KGFdD1etn4hCdxpL3ZQQrddRmfuY6dnfmd6wuJYf7VkODyVu589y2027397e12ZeUDL-7XNFsqaSiGvSNZAZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=7fce13a3603b81fb91a0776a7cd0c38f9c946d71de4d&redir=https%3A%2F%2Ffind-dubai-properties.fyi%3Fref%3Dtaboola-palmate-bg3co%26sub_id%3Dpalmate-bg3co%26sub_id2%3D1930-dubaiapartments-taboola-all-cp15%26tbid%3D1353010%26tbclick%3Dsysclick%26compkey%3DDamac%2BCavalli%2BDubai%26rskey%3DDamac%2BCavalli%2BDubai%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCellQo1ef36PzypsH5AQ%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCellQo1ef36PzypsH5AQ&vi=1690651845004&p=southportintelligence-southport33-sc&r=13&tvi2=-2&lti=deflated&ppb=CLwC&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Search Now

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~7288997574164782029~~qsUUugy9iLjp8P6vull37qujVKCFFJ_sLMnliboV36V9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l14mu8UT16evWWa_M6pScHrNYp23fQj64lUNo-UCIuO7L-IqxvM84vF1benwJDYswI2fKEa_P0LQyUtg6XAl9gYIB0WJ0PZJ3lU604htIAg0LfWqNfk_pH4yPZ1iYFsBKMaRb_dedjYpQu418uFRKAt6&pt=text&li=rbox-t2v&sig=d6d3e3e21cae49acaa4a49c3849c399fd13ec1f0c748&redir=https%3A%2F%2Fwww.nivabupa.com%2Fhealth-insurance-plans%2Fget-quote.html%3Fcid%3Dpaid%26utm_source%3Dpaid%26utm_medium%3Dcpc%26utm_campaign%3DTaboola_HI_Desktop_June%26utm_content%3Dpalmate-bg3co%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCQx18oy_ms5br71tsR%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCQx18oy_ms5br71tsR&vi=1690651845004&p=armworldwide-nivabupa-sc&r=72&tvi2=-2&lti=deflated&ppb=COwE&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~7782204487545993869~~sqkEWm433CICCQPw_GraWBVOIIsZisu9M1cmudL-yX9yNpbgedRdYuhjTdtdbeHkhaqEulzEROXrb10wD8rxOsDa526Yvrqwa4mfnJdUExbWBLBkRdpflL09Zgr9CrfuRdbgwlJdnqyroTPEQNNEn2KgI0JUO5pzomWLl5Gj01Lg2TGou6_0dkOzWPVaY4wbEoaieyh3s6ky3D8VukcSfA&pt=text&li=rbox-t2v&sig=9af65791eb522df086e7185a8eaa05f0899f093ccd30&redir=https%3A%2F%2Ffat-removal.cyou%3Fnetwork%3Dtaboola%26site%3D_Next%20Up_%26adtitle%3Dliposuction%2520cost%2520near%2520me%26kw1%3Dliposuction%26kw2%3Dweight%2520loss%2520injections%26kw3%3Dlaser%2520fat%2520removal%2520near%2520me%26kw4%3Dlaser%2520fat%2520removal%2520cost%26kw5%3D%25E0%25A4%25B2%25E0%25A4%25BF%25E0%25A4%25AA%25E0%25A5%258B%25E0%25A4%25B8%25E0%25A4%2595%25E0%25A5%258D%25E0%25A4%25B6%25E0%25A4%25A8%2520%25E0%25A4%25B2%25E0%25A4%25BE%25E0%25A4%2597%25E0%25A4%25A4%26kw6%3Dliposuction%2520How%2520much%2520does%2520it%2520cost%26pxtb%5Bcid%5D%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4o0s3S59CiyPMC%26pxtb%5Bec%5D%3DClick%26sub1%3DTaboola%2520Fat%2520Removal%2520IN%26sub2%3D3683760379%26sub3%3DDesktop%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4o0s3S59CiyPMC%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSD4lF4o0s3S59CiyPMC&vi=1690651845004&p=korucomdigital-fatremoval-sc&r=76&tvi2=-2&lti=deflated&ppb=COwE&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Learn More

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&it=text&ii=~~V1~~197918814276273199~~C7-Ve0fhq3z7OWQbu9mdzbX1094xBs68rrLk2sBWvTzOUMp5PUdJ_rKCVJb0xWc2Jt2e4fghomDtwrE-lyey0LT_KGFdD1etn4hCdxpL3ZQQrddRmfuY6dnfmd6wuJYf7VkODyVu589y2027397e1-w6pHcTsjvcTkMi_F-bA4wZIca91dGU99vvzFshBfVJMO7Tswj5WH4cylUjQLFLHQ&pt=text&li=rbox-t2v&sig=0d6669c4737d9da2d17657b736829242478e13b84a61&redir=https%3A%2F%2Ffind-dubai-properties.fyi%3Fref%3Dtaboola-palmate-bg3co%26sub_id%3Dpalmate-bg3co%26sub_id2%3D1930-dubaiapartments-taboola-all-cp15%26tbid%3D1353010%26tbclick%3Dsysclick%26compkey%3DDamac%2BCavalli%2BDubai%26rskey%3DDamac%2BCavalli%2BDubai%26tblci%3DGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCellQo4uug-Oy88bsy%23tblciGiB8EmgBrTOEZhopiaDWQ42Jnpvyfd6JOzJ0PlLh3kH9qSCellQo4uug-Oy88bsy&vi=1690651845004&p=southportintelligence-southport33-sc&r=66&tvi2=-2&lti=deflated&ppb=COwE&cpb=EhIyMDIzMDcyNy05LVJFTEVBU0UYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI0NziAzLfeBUCY0QpI548QUKDx1gNY____________AWMI0DcQn08YMGRjCP5IELZgGAFkYwi_SBDlXxgyZGMI_v__________ARD-__________8BGAJkYwjaRBD4WhgTZGMI1xYQ1B8YI2RjCNIDEOAGGAhkYwjwSRDOYRg4ZGMIlhQQmhwYGGRjCO8DEIoHGAlkYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgB9sPPlZox&cta=true
Title: Search Now

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 75

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 80

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 140

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690651846&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690651845401&bpp=40&bdt=1052&idt=504&shv=r20230726&mjsv=m202307250101&ptt=5&saldr=sa&correlator=8573082100465&frm=23&ife=1&pv=2&ga_vid=506565460.1690651846&ga_sid=1690651846&ga_hid=1553565561&ga_fc=0&ga_cid=amp-5nlfWpJ6whHBerMzyL3wyA&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=7539&biw=1600&bih=1200&isw=336&ish=280&ifk=3641017636&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076426%2C31076510%2C44788442%2C44796632&oid=2&pvsid=2069240141923540&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ip4qkc5zn7g9&btvi=1&fsb=1&dtd=698 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 150

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690651846&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690651845267&bpp=298&bdt=932&idt=888&shv=r20230726&mjsv=m202307200101&ptt=5&saldr=sd&correlator=8573082100465&frm=23&ife=1&pv=1&ga_vid=914993839.1690651846&ga_sid=1690651846&ga_hid=1803992903&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=972432448&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076341%2C44788442%2C31076543%2C44796313&oid=2&pvsid=2586130924601369&tmod=1543297967&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6hbh1ab7iqk3&fsb=1&dtd=1084 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 163

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKOAGHL6-18-6OYI HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHL6-18-6OYI

Request Chain 164

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKOAGHLT-1V-7X9O HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHLT-1V-7X9O

Request Chain 166

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4

Request Chain 167

https://pr-bh.ybp.yahoo.com/sync/taboola/d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-OMnXg9tE2oTONg_nh5N7Uz7gcEB8P6MjCaQaeg--~A

Request Chain 168

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0

Request Chain 171

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 172

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V_CLZ2syTGiHO04xg_GKrg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V_CLZ2syTGiHO04xg_GKrg

Request Chain 173

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtPQUdITFQtMVYtN1g5Tw== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECf04xOGMCGoPv6uyirUpA8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPQUdITFQtMVYtN1g5Tw==&google_push=

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY8L-OzvGtU936XhlxwNpk&google_cver=1

Request Chain 175

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jVUYS-xpRH2-fFTaYHNBQg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jVUYS-xpRH2-fFTaYHNBQg

Request Chain 176

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://match.adsrvr.org/track/cmb/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e04058f0-3126-4147-a97d-dbb346b06cf4&gdpr=0&gdpr_consent=&expires=30

Request Chain 177

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOAGHLT-1V-7X9O

Request Chain 178

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjODcwMGNjOGE3OGNhYmUzOGQ2ZmU0MWFmZWRiZTIwMjVhMmJiNw

Request Chain 179

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ebqP92MzXsGWAT6u-Rk8Csn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qZRbrNFE2oJUUTJOVggzRsw_N9WxLD6WDgVZJQ--~A

Request Chain 182

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4

Request Chain 183

https://pr-bh.ybp.yahoo.com/sync/taboola/d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245?gdpr=0&us_privacy=1--- HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-w.yoOrFE2oRIwFvVBe3xpNcrIbyizLBm_eVHqA--~A

Request Chain 184

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1--- HTTP 302
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true HTTP 302
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0

Request Chain 197

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly&khaos=LKOAGHLT-1V-7X9O HTTP 302
https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOAGHLT-1V-7X9O

Request Chain 215

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=f2447b0e-3d2c-41d7-8404-e5f9944ce48b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=f2447b0e-3d2c-41d7-8404-e5f9944ce48b&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=93aa9c63-763a-4f06-9f8f-26d2f37e4243&ssp=taboola&gdpr=0&us_privacy=1--- HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c587b829-87b4-497c-a7d1-6bdaf41d6dbc&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

Request Chain 217

https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0

Request Chain 218

https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMVMyMCo8XoAAC3iuYQAAAAA

Request Chain 219

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=aec08a92eb8441489479e29a0cd04f62 HTTP 302
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=aec08a92eb8441489479e29a0cd04f62

Request Chain 221

https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O

Request Chain 222

https://pr-bh.ybp.yahoo.com/sync/taboola/d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nPdxhRdE2oQz5QldJoKoNIqdd85891F.Ndl8uQ--~A

Request Chain 223

https://trace.mediago.io/ju/cs/taboola HTTP 302
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=e3ab25231d19f5c4084761a3ec9b5214

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEL1d9iNrVjuj1RclaPrgci4&google_cver=1

Request Chain 226

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245

Request Chain 227

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4

Request Chain 228

https://ce.lijit.com/merge?pid=42&3pid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 231

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=edf31e10-7f5a-466f-a143-8a89eab4e0e4

Request Chain 233

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=5289276431343242664&ssp=taboola

Request Chain 234

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=487b5232-ab58-4131-a6f7-233161e2f0d9 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=487b5232-ab58-4131-a6f7-233161e2f0d9&tbid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&query=taboola_hm%3D487b5232-ab58-4131-a6f7-233161e2f0d9&isDirect=0

Request Chain 236

https://eb2.3lift.com/xuid?mid=7772&xuid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

Request Chain 237

https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM

Request Chain 239

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0

Request Chain 247

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LKOAGHLT-1V-7X9O HTTP 302
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O&gdpr=0&us_privacy=1---

Request Chain 253

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 254

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 299

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 300

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

306 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html Show response
www.bg3.co/a/ 49 KB
12 KB 1236ms
703ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3399f420033012474878b71491e61a5d8c7bbf3a0c7303b4cb1559ad589c078a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 17:30:43 GMT
etag: "c2f8-18YMIpt+EF46XTEH0RO6mu9Ne80"
expires: Sat, 29 Jul 2023 17:45:43 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 260ms
87ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 17:30:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72978
x-xss-protection: 0
server: sffe
etag: "c0980513e2e94248"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Jul 2023 17:30:43 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 339ms
166ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 17:30:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9690
x-xss-protection: 0
server: sffe
etag: "bf0e1f4c4e9c9147"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Jul 2023 17:30:43 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 307ms
154ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 17:30:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7621
x-xss-protection: 0
server: sffe
etag: "87192053f7ea25a5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Jul 2023 17:30:43 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

173ms
69ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4831
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpgO5m0tdFKdWHl9wc8rQN%2FmNVguayd5cppXbhKgyMrF%2BCZDtT3pHfSGkSQsmoh8wq5per0o9ijIbg029Vp16c7jMXfjiytd%2B0nIRYx1SLE6DZG5nik6muDhTfXgFeT2kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee7176a3bdc48a9-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 41 KB
11 KB 303ms
95ms Script
application/javascript 2.19.126.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-212.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 17:30:43 GMT
content-encoding: br
last-modified: Sat, 29 Jul 2023 07:00:27 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10988
expires: Sat, 29 Jul 2023 18:30:43 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 650 KB
137 KB 305ms
95ms Script
application/javascript 2.16.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-154.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: b8a6b67b95245dbbe4fddb8aa4395636d755750b2affdf62f2256bc5cc3b2b93

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 17:30:43 GMT
content-encoding: br
last-modified: Sat, 29 Jul 2023 11:30:26 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="469625_34663834_347955845_723_1025_42_0_146";dur=1
x-cf-geodata: PT
content-length: 139375
expires: Sat, 29 Jul 2023 18:30:43 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 399 KB
49 KB 1274ms
1170ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed5dd7dd7b1a21a60412715733d5f31958b50ad92ba73cd7230ec7b027c6631

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qW6d.Zg4BbVWBfaFJZoMUUWX9JUTZqmW
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:44 GMT
x-amz-request-id: N6YZ6HY99PX68K8X
age: 1
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 8
x-amz-replication-status: FAILED
content-length: 49407
x-amz-id-2: NgboudO9libEBP/PH31SLxthzdZJUPKWJZYuff9oV88RprjrI80b9nfjKvgKU5PmrfuFNObY89I=
x-served-by: cache-lis1490049-LIS
last-modified: Thu, 27 Jul 2023 22:58:17 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651844.525061,VS0,VE1125
etag: "d0bf87524adf09b3e00eb77c6f365bdfcc3b1aa3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 32
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 2428ms
548ms Script
text/javascript 52.199.103.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.199.103.74 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-199-103-74.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f3631374462518355dc08a93da5b37992dd1b0537da5756ca5308c559ab562ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 206ms
75ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:43 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690651843.cdn4-pxy204-mad02.ma1.evs,1690651843.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET 8102ff7498d694308650b8e32209bdee.jpg
static.bg3.co/imgs/202010/ 0
0

GET a37a1b86533f9cad01634528de17bca5.jpg
static.bg3.co/imgs/202009/ 0
0

GET 74af13d27cbc899737b150a3038366d6.jpg
static.bg3.co/imgs/202011/ 0
0

GET 5f147d754c2b8edc7a92e1759bab005a.jpg
static.bg3.co/imgs/202011/ 0
0

GET 237e701c00d190b3c7b57f2d8b879640.jpg
static.bg3.co/imgs/202012/ 0
0

GET ab590ddf5b66a5513fcc8123c2c1e975.jpg
static.bg3.co/imgs/202012/ 0
0

GET f838ba6a47edc3ea09c423b729a379a7.jpg
static.bg3.co/imgs/202012/ 0
0

GET 7bf4404b71ee7c0a81616de264d01f70.jpg
static.bg3.co/imgs/202012/ 0
0

GET c47b877cea0e049ae9d40b15b38b2001.jpg
static.bg3.co/imgs/202012/ 0
0

GET 03c0643260c6b2142a3d197f34dc2a77.jpg
static.bg3.co/imgs/202012/ 0
0

GET 2aa7e867fe57c85dacc04c209ea8dbf5.jpg
static.bg3.co/imgs/202011/ 0
0

GET 8541178c3ca937158e29d7745cc190ab.jpg
static.bg3.co/imgs/202012/ 0
0

GET c0bc1f8a57091cf87b2982c102433681.jpg
static.bg3.co/imgs/202012/ 0
0

GET 4942f61bf27bfd425e8ed9b016486b39.jpg
static.bg3.co/imgs/202012/ 0
0

GET edcbd95964e84c7e32ef373d01a6ad01.jpg
static.bg3.co/imgs/202010/ 0
0

GET bbe3a0498ff16ae4faa34bf6756ac0a2.jpg
static.bg3.co/imgs/202012/ 0
0

GET 2fffd95c071a5a1320a9111e1a877b8f.jpg
static.bg3.co/imgs/202012/ 0
0

GET b53f20cee87c757227fbd1b71316e65a.jpg
static.bg3.co/imgs/202012/ 0
0

GET 169022c8bdbee07d5fee6b97daa46b64.jpg
static.bg3.co/imgs/202011/ 0
0

GET aa80f7f127fa3fcf47984e3d121af44b.jpg
static.bg3.co/imgs/202012/ 0
0

GET b733f325ea8316cc35e67a5abbafec8e.jpg
static.bg3.co/imgs/202011/ 0
0

GET a8e428f0410e1993477ab3ce1cf11680.jpg
static.bg3.co/imgs/202012/ 0
0

GET 32b62c86076dc609e209de63878a3359.jpg
static.bg3.co/imgs/202011/ 0
0

GET 182452880dc6e982041875f1d8cc24f9.jpg
static.bg3.co/imgs/202012/ 0
0

GET 0145c546e8ee66a7daadc1151c82db23.jpg
static.bg3.co/imgs/202010/ 0
0

GET 0def4cbe4e0229295ce7a2d99ee0fefa.jpg
static.bg3.co/imgs/202012/ 0
0

GET feed5cd7b7c5fd3abf69d9f5bf540871.jpg
static.bg3.co/imgs/202012/ 0
0

GET 169022c8bdbee07d5fee6b97daa46b64.jpg
static.bg3.co/imgs/202012/ 0
0

GET 38efb55856cf88147b448869b3341365.jpg
static.bg3.co/imgs/202011/ 0
0

GET 5754ec3808c383604764932a35616e10.jpg
static.bg3.co/imgs/202011/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 8 KB
3 KB 272ms
112ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 04:17:43 GMT
age: 133981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3031
x-xss-protection: 0
server: sffe
etag: "ab4976f290799864"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 04:17:43 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 82 KB
23 KB 240ms
82ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:22:22 GMT
age: 79702
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23158
x-xss-protection: 0
server: sffe
etag: "79cbf92139ba05f8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 19:22:22 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
822 B 277ms
114ms Fetch
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

354870399cd25b9a3e2d93b89ab95c7d37b034d9a813a3508eebeba38b09330b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 474
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 13 KB
4 KB 229ms
78ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 09:03:00 GMT
age: 116864
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4005
x-xss-protection: 0
server: sffe
etag: "41886e59cfb0dca0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 09:03:00 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 103ms
103ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:43 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1690651843.cdn4-pxy204-mad02.ma1.evs,1690651843.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 90ms
90ms Image
image/jpeg 2.19.126.212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1690651843970
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-212.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 17:30:44 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Sat, 29 Jul 2023 18:30:44 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 319ms
134ms Script
application/javascript 2.16.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-154.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="469625_34663834_347957534_640_1176_41_0_146";dur=1
content-length: 122286
expires: Sun, 28 Jul 2024 17:30:44 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
556 B 213ms
88ms Script
application/javascript 2.16.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-154.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469625_34663834_347957540_41_784_41_0_146";dur=1
content-length: 211
expires: Sun, 28 Jul 2024 17:30:44 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 215ms
91ms Script
application/javascript 2.16.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-154.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="469625_34663834_347957535_387_1021_41_0_146";dur=1
content-length: 18371
expires: Sat, 29 Jul 2023 18:30:44 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 298ms
125ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

bf11d82fbedf5fdab3b712e64c5f3a5e702cd72f2163601e7bf05b1eded0ea23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27970
x-xss-protection: 0
server: cafe
etag: 176 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:44 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 337ms
95ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTA2NTE4NDQwNjIsInBhY2tldElkIjoiMDAwMEE3MDEtMmU5YWI0NGEtNjFkOS00OWMxLTg4ZGEtOWMzZGFlYzA5M2U3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2d1LXNoaS1uZWktY2FuLXphby1iYW8teXUtcWlhbi1qaWEtZ29uZy1zaS1mYS1idS1zYW4tamktYmFvLTN4aW4tZ3Utc2hlbi1nb3UuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiUFQifQ%3D%3D&c_b=1932.7000007629395
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:44 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 338ms
96ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:44 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 299ms
117ms Script
application/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

ESF /

Resource Hash

19a95ba9c933d2d3798025717a189d2f87680fc882f2fb956b272b59fe97d706

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ONtCPhXmZAK5u6kCB__UCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ONtCPhXmZAK5u6kCB__UCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 40 KB
10 KB 79ms
78ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 19:41:21 GMT
age: 78563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10402
x-xss-protection: 0
server: sffe
etag: "c578ba47d9485b23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 19:41:21 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 213 KB
56 KB 80ms
79ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 29 Jul 2023 13:19:18 GMT
age: 15086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57626
x-xss-protection: 0
server: sffe
etag: "3e8e186b2ecc0e4f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 28 Jul 2024 13:19:18 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 277ms
90ms Script
application/javascript 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 05 Aug 2023 17:30:44 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307150128000/v0/ 110 KB
31 KB 79ms
78ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jul 2023 12:51:26 GMT
age: 189558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32157
x-xss-protection: 0
server: sffe
etag: "908a1aa3777c50a9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 26 Jul 2024 12:51:26 GMT

GET
H2 200 nameframe.html
d-35970974683141977892.ampproject.net/2307150128000/ 0
0 266ms
85ms Other
text/html 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-35970974683141977892.ampproject.net/2307150128000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
622 B 60ms
59ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4619
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94IfUjB2up8iLgWE5ZWBzWnXzeQKkoVM88Uyn7%2Fwd%2FC6eG1XW3ILMQ%2FExErPR79BsUVHRpFuXLafIw6%2BPpcUUjtzLIIYpA8Uc9JSK7ov%2F6Tsv3nb0zCNd255ZzeJ%2BHU0LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee7176b3e1448a9-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 600ms
165ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 610ms
151ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 592ms
308ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.6885592725285394&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:44 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 586ms
288ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.024639790680460294&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:44 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 2 KB
812 B 80ms
79ms Fetch
application/json 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jul 2023 05:12:27 GMT
age: 130697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "c5b3128fd0184624"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 27 Jul 2024 05:12:27 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 210ms
75ms Fetch
application/json 172.64.102.25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.102.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78937
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 28 Jul 2023 19:35:07 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vc5Ko0E3OANuO879WD0w3pBgsnQRHaT4uHvSGtySdJk4vbT7XPFQJqPpDF3DTiJzG110PiOjn%2FfKrmrLFux5IM%2F%2BTW7X1aGetThns7GaU7C1g3ap88esWzKB1smjQzAUiwGDzAcAEI56CRKiRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7ee7176caf302f89-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/ 3 KB
956 B 81ms
81ms Fetch
application/json 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307150128000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Jul 2023 21:10:33 GMT
age: 159611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "abaaf95b36ef21fc"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 26 Jul 2024 21:10:33 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 80ms
79ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7285
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 15:29:19 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 251ms
86ms Fetch
application/json 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 272ms
87ms Script
application/javascript 18.66.97.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-81.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:17:16 GMT
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 809
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: qiiIzlMGuEmA7wF4ja0aX8SHiTG-NOmsui1e_kPASaH-X5hYqmoaZg==

POST
H2 204 collect
www.google-analytics.com/g/ 0
161 B 92ms
91ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=3342&cid=amp-5nlfWpJ6whHBerMzyL3wyA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&dr=&dt=%E8%82%A1%E5%B8%82%E5%85%A7%E5%8F%83%E6%97%A9%E5%A0%B1%EF%BC%9A%E9%80%BE%E5%8D%83%E5%AE%B6%E5%85%AC%E5%8F%B8%E7%99%BC%E4%BD%88%E4%B8%89%E5%AD%A3%E5%A0%B1%203%E6%96%B0%E8%82%A1%E7%94%B3%E8%B3%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1690651845&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 228ms
79ms Ping
text/plain 108.177.15.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-5nlfWpJ6whHBerMzyL3wyA&aip=1&sid=1690651845&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20230727-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 790 KB
164 KB 46ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: P1Qu3yvrKOHpC36FNk8YMgJiSiUmC7do
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:44 GMT
x-amz-request-id: X4B0JKW6XD1YSF26
age: 28637
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167336
x-amz-id-2: Ii3mZxmi9aSA4aLZKcX/lz754Pb8COUr5Y9YE7Zy2x/HQBaPeRygA4CdMv3NXyU0eZXwDHCnOJY=
x-served-by: cache-lis1490049-LIS
last-modified: Thu, 27 Jul 2023 09:32:23 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651845.796139,VS0,VE0
etag: "5315a99ad6ffedb46c02101d15c92185"
vary: Accept-Encoding
content-type: application/javascript
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 29434

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
135 B 88ms
87ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%82%A1%E5%B8%82%E5%85%A7%E5%8F%83%E6%97%A9%E5%A0%B1%EF%BC%9A%E9%80%BE%E5%8D%83%E5%AE%B6%E5%85%AC%E5%8F%B8%E7%99%BC%E4%BD%88%E4%B8%89%E5%AD%A3%E5%A0%B1%203%E6%96%B0%E8%82%A1%E7%94%B3%E8%B3%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-5nlfWpJ6whHBerMzyL3wyA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.12855110786326662&gjid=0.26839687714095395&_r=1&a=3342&z=0.40584373647337135&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=935096680;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc5...
pixel.quantserve.com/ 35 B
371 B 115ms
95ms Image
image/gif 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=935096680;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-108744081-1690651844560;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1690651844836;tzo=0;ogl=;ses=3ea0f9e6-4d34-4e48-ad1c-2a4f22f6624d;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6913 603 B
245 B 719ms
556ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16145007231992178366&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3509&oid=2&is_amp=5&amp_v=2307150128000&d_imp=1&c=563003342&ga_cid=amp-5nlfWpJ6whHBerMzyL3wyA&ga_hid=3342&dt=1690651844604&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&bdt=1234&dtd=6&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:45 GMT
expires: Sat, 29 Jul 2023 17:30:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F818 714 B
735 B 69ms
69ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 3895
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ee7176fc99603ca-LIS
content-encoding: br
content-type: text/html
date: Sat, 29 Jul 2023 17:30:45 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6DaL22kqLTtWaIlsFrI9OSEK0dPLseb6SHX6bovMMMAFQHWbyjYy9M5MOwZzWylc6aAD0Y9cLCb5ALkxwlyxqDY02EuCpU1Vh1OVJBZp%2FtJ4AQ8Pr75oHJKRHE5JgNnlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FDF9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

317ms
96ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 17:30:45 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 29 Jul 2023 17:30:45 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 447ms
160ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6AE5 93 KB
32 KB 332ms
171ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

702f62f45002af0aa9f18c52a8467098c0a4129318113771b8beb7a8ce2ea594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32921
x-xss-protection: 0
server: cafe
etag: 15794675491182903011
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame FD0C 18 KB
8 KB 278ms
119ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

14998d6b3082e2e28f05d32c0f0c3b8c1900440fe8943f9a674e2943d76e619d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7911
x-xss-protection: 0
server: cafe
etag: 17758169389496419868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F49F 714 B
778 B 64ms
64ms Document
text/html 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 3895
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7ee7176fc99e03ca-LIS
content-encoding: br
content-type: text/html
date: Sat, 29 Jul 2023 17:30:45 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZythRRuM8Vyje0AqLTkQXAwRduyUCXx%2BPr%2BP59lcC9uHOpzbAHuyjmukh8OP7Kg88BJZCYPzYZVSsboSk%2FMr2BpBr%2FrH5YThkJUQxrJaVDCwUpwT8%2FrFxggBGR0Sltj5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D227
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

318ms
96ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 17:30:45 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 29 Jul 2023 17:30:45 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 294ms
92ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:44 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 233127
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 73 KB
19 KB 475ms
456ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A30%3A45.007&lti=deflated&data=%7B%22id%22%3A842%2C%22ii%22%3A%22%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690487230568%2C%22vi%22%3A1690651845004%2C%22cv%22%3A%2220230727-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html%22%2C%22vpi%22%3A%22%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A8213%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A7823.078125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ffcee19796223d59284ced661c18b62756a28ab869bc2cdb3d82ac583c7a2d2

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 410
date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 115611
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490049-LIS
server: nginx
x-timer: S1690651845.050306,VS0,VE410
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F49F 80 KB
27 KB 184ms
184ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

be6b618c74dfcfa339308889a40d80c33f5e893e871838f3e2fa071402371c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27633
x-xss-protection: 0
server: cafe
etag: 662 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F818 80 KB
27 KB 248ms
247ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

086eefc5c8c997cd6ad6fa4cef08d87d8e4479508b06f30930aa65d08ad2cee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27632
x-xss-protection: 0
server: cafe
etag: 622 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FD0C 145 KB
50 KB 168ms
167ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4fa81ed537edbb96ee9bd8710e48e41ecce0cd6b93cda231e0f149922a06742f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50715
x-xss-protection: 0
server: cafe
etag: 3570363910541249324
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H2 404 L2EvZ3Utc2hpLW5laS1jYW4temFvLWJhby15dS1xaWFuLWppYS1nb25nLXNpLWZhLWJ1LXNhbi1qaS1iYW8tM3hpbi1ndS1zaGVuLWdvdS5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
870 B 189ms
189ms XHR
text/html 2.16.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvZ3Utc2hpLW5laS1jYW4temFvLWJhby15dS1xaWFuLWppYS1nb25nLXNpLWZhLWJ1LXNhbi1qaS1iYW8tM3hpbi1ndS1zaGVuLWdvdS5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-154.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Sat, 29 Jul 2023 17:30:45 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=3, origin; dur=90, ak_p; desc="469625_34663834_347960811_9336_1387_42_0_219";dur=1
content-length: 555
expires: Sat, 29 Jul 2023 18:30:45 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/ Frame 6AE5 364 KB
125 KB 171ms
170ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076426

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

ed3123055622b820d3f418f26f64826be362b3992b167dac9cdbf4bafc2b2589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127823
x-xss-protection: 0
server: cafe
etag: 13526813182204550422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame F49F 386 KB
123 KB 82ms
81ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 15:29:19 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame F818 386 KB
123 KB 94ms
86ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 15:29:19 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ Frame FD0C 363 KB
124 KB 237ms
236ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8d3d78bbb6c98e400d472a83afba12fdc2409166060f8d9be906bfd2faa7b9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127279
x-xss-protection: 0
server: cafe
etag: 2041270205485160960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 3EF4 10 KB
5 KB 103ms
87ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 31768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:41:17 GMT
etag: 12368291122986407432
expires: Sat, 12 Aug 2023 08:41:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 floating-unit.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 46ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 2WpsNJPH90OEarkKvUMMzuZQVO1eXe0c
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: 89348555ENNQ5BRJ
age: 119294
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: 1dv1MAO5+4eIED5nDTXSTjZLIZD/IPhV0l+lvkGy303InP8/E9yc13FBCt0zbdNelLDscTZZCEY=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.665969,VS0,VE0
etag: "0ad8e98b8638363eab678bed577a126f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 62
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 13965

GET
H2 200 taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 47ms
46ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: EsUuvtHarpCPXN.nV8SaiI8VppZ9XOJk
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: CMEPE7V7W0B50E6X
age: 119274
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8011
x-amz-id-2: bp5+nywS1GOwWQX3uXlUPzmrxZ0CvSoYWyRElSyaHzVUDgJ8CGFsb4g+159bhw1mU/Q117ql++4=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:51 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.667313,VS0,VE0
etag: "8295deef603701ecd7b23f274d2080a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 76
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 10685

GET
H2 200 distance-from-article.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 63ms
61ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1vvwwDTlPsd_L_mk.c.m0Gs4b.AYuRGy
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: K2HAD3T3QDDTMT1T
age: 119305
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: N8fi51bS727oij14LR6YIinBTgoIGyOJcJurAiZ3jJHRam4lDR5zKMoegIvhTN5e3rvBNwgFg0c=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:21 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.686125,VS0,VE0
etag: "8db15f3ca0ef2fc76b365691189d41f2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 89839

GET
H2 200 article-detection.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 64ms
62ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: N2PN0vAaorPUvvk19oD9RRrFc_2r5gn2
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: 9NPTPFWBTHQJ8GH5
age: 119312
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1271
x-amz-id-2: P6IBUah74BV9ysEiIEmVH56hVVgzvNU/zHlqK88eZZu+mMEuFXjnHOcD4hVfIq2mKrHRYB8UZbo=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:14 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.686260,VS0,VE0
etag: "2ddb5ce84174e516dfa7d41f580c44f5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 89825

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.6/ 123 KB
35 KB 65ms
59ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 9286764bc0c8327719870fa33a225c9a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 196030
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35355
x-served-by: cache-lis1490049-LIS
last-modified: Thu, 27 Jul 2023 11:02:49 GMT
server: AmazonS3
x-timer: S1690651846.690747,VS0,VE0
etag: "23fd6bc627e1f80544a173529f6c0abc"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 20IPOPP-LHgPz2jF0Ol30SqS7QgTJOXsGvlKAmpauBDpL4IOseRg_w==
x-cache-hits: 6088

GET
H2 200 feed-card-placeholder.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 59ms
58ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: a.CizdY4YDhEJzwYaj_09BYotzDpxcBZ
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: 6WQYS0JCZ4JTDEXT
age: 119299
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: 5kd2HbuXukqocjxeh6Qj57dzAmwWh6lNXEBHFJKchq9PlBMcCtwvcXPFnzxrHf1YPTv2XYZpOtM=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:26 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.690655,VS0,VE0
etag: "d72141d67c328c0ef8b577abb34b370d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 86
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 66224

GET
H2 200 userx.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 110ms
109ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: j22NuxXuWQwv5r2dKtahcQk41KlcTitX
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: M440Q6EGRHVC668Y
age: 119271
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: a5vd7mGTnI98ugRbqnOPXwgVHjLxKkEASQyjzrgOjZzCRuW1Pshhg3+3K7GuHCLAcjIG3f9yGpg=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:54 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.698047,VS0,VE0
etag: "fb1f0beee9fcbe2ba80b90fb585a8044"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 47
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 13243

GET
H2 200 explore-more.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 95ms
95ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8HJGiqq64l.2Zd331zH.p3YHpekHKsFV
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: 9K63489TFVXACHFK
age: 119301
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8777
x-amz-id-2: ijvduKOnT42RYKsZa3X/jMxegqbPurYzhrV7sgjcS0WAWzORq3I32eqYQOUmxbw9VHp+UqOcvXw=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:25 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.712895,VS0,VE0
etag: "edf758b47d6a232675d6fc2d5521396c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 56
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 40095

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 439ms
134ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=17%3A30%3A45.641&id=1561&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 438ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1690651845642%7D&tim=17%3A30%3A45.643&id=2260&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 438ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690651845651%7D&tim=17%3A30%3A45.651&id=5747&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 438ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A30%3A45.688&id=7003&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 437ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A30%3A45.695&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=5195&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 83903

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 435ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A30%3A45.706&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=306&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 83903

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 138ms
137ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A30%3A45.729&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=671&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 83903

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 141ms
139ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A30%3A45.734&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4735&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 83903

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 159ms
157ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A30%3A45.739&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6920&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 83903

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 62ms
60ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: 059ZEMN3RJ2RVDH8
age: 83
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by: cache-lis1490049-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.781610,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 21
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 29

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 96ms
96ms Script
application/javascript 142.250.186.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

4c99948876232f9342173ab2cc8a570113d4433f91eb2a1a5325dcb43a9bf2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84365
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 17:30:45 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FDF9 34 KB
10 KB 99ms
99ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84430c2d70c668223e7ecf851361ce191f98c4647a84ef17fb1a15f38b933c0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 21:10:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13190
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 29 Jul 2023 21:10:35 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D227 34 KB
10 KB 103ms
94ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84430c2d70c668223e7ecf851361ce191f98c4647a84ef17fb1a15f38b933c0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 21:10:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13190
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 29 Jul 2023 21:10:35 GMT

GET
H2 200 72642b137e7e6168d450bfdd771a1c00.png
images.taboola.com/taboola/image/fetch/h_585,w_780,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
46 KB 147ms
146ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_585,w_780,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b6b50ba1f243d0deba4fe069238c64a2749fae0cd155e52b6acefd727867f9d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 90
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_585,w_780,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
age: 1125967
edge-cache-tag: 435784023151221046442904686349571860291,312124334255070057460816042924901335795,29ecf9b93bbf306179626feeda1fab70
cache-tag: 435784023151221046442904686349571860291,312124334255070057460816042924901335795,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 273
expiration: expiry-date="Mon, 24 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.hirunews.lk/
content-length: 46740
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100081-IAD, cache-iad-kiad7000082-IAD, cache-chi-kigq8000033-CHI, cache-iad-kiad7000044-IAD, cache-lis1490049-LIS
last-modified: Fri, 23 Jun 2023 10:28:31 GMT
server: nginx
x-timer: S1690651846.863533,VS0,VE90
etag: "5f32be9f17f6a58bd826c8f51d47c4af"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 12, 0

GET
H2 200 72642b137e7e6168d450bfdd771a1c00.png
images.taboola.com/taboola/image/fetch/h_460,w_920,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
46 KB 158ms
157ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_460,w_920,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bc5b34533f5015268f5c11541c4406b4612c36a7c8ed576c92a2afb49e97dafc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 93
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_460,w_920,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
age: 3137293
edge-cache-tag: 435784023151221046442904686349571860291,321488700278465500204953967245530587329,29ecf9b93bbf306179626feeda1fab70
cache-tag: 435784023151221046442904686349571860291,321488700278465500204953967245530587329,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 268
req-referer: https://mahabharti.in/
content-length: 46002
x-request-id: 22141cfe78a6cb104f873e596d2e5ce4
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200083-IAD, cache-iad-kjyo7100116-IAD, cache-sna10749-LGB, cache-iad-kjyo7100093-IAD, cache-lis1490049-LIS
last-modified: Thu, 22 Jun 2023 10:31:53 GMT
server: nginx
x-timer: S1690651846.863655,VS0,VE93
etag: "e446fcf27dbfa9e8a4f13878cfd0741f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 40, 0

GET
H2 200 f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
28 KB 52ms
52ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 15f61004f23b5aa4062a153470d2f821fe32600184e308996dafa51d2c9a018a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_256,w_460,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age: 2793720
edge-cache-tag: 461953597764467041444520499259236964687,402251848610803023947938757439808660730,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461953597764467041444520499259236964687,402251848610803023947938757439808660730,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 403
req-referer: https://www.srnieuws.com/
content-length: 27328
x-request-id: 695d9d175537d9aa05be54c94182b00d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200030-IAD, cache-iad-kjyo7100141-IAD, cache-chi-klot8100087-CHI, cache-iad-kjyo7100044-IAD, cache-lis1490049-LIS
last-modified: Sat, 10 Jun 2023 00:57:48 GMT
server: nginx
x-timer: S1690651846.863651,VS0,VE1
etag: "0a629c1af04ed829acf3cc625e1ef478"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1464, 1

GET
H2 200 777b6e6d9fb3236f62a7c36f3952d564.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 55ms
54ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/777b6e6d9fb3236f62a7c36f3952d564.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2effa9fe0c49492b8c8f9192ae68f285deb604d7cee78f8f988a07d906c14be5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/777b6e6d9fb3236f62a7c36f3952d564.jpg
age: 2330856
edge-cache-tag: 549262710109444999436487026904425005612,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 549262710109444999436487026904425005612,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 208
expiration: expiry-date="Wed, 26 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.krstarica.com/
content-length: 28858
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000146-IAD, cache-iad-kcgs7200072-IAD, cache-chi-kigq8000174-CHI, cache-iad-kjyo7100073-IAD, cache-lis1490049-LIS
last-modified: Sun, 25 Jun 2023 15:12:00 GMT
server: nginx
x-timer: S1690651846.869859,VS0,VE1
etag: "206ef48df056153bf7f13a4eebf84b29"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 171, 1

GET
H2 200 c0fc9354a743eab3b0dfb7e5f519fb3a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 54ms
47ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0fc9354a743eab3b0dfb7e5f519fb3a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 79630e2cf497fcaebf344b9a92318751eb38fa19331fd95a0b8ac6ac5926cba1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0fc9354a743eab3b0dfb7e5f519fb3a.png
age: 4018669
edge-cache-tag: 460729525505743605432168159117769200231,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460729525505743605432168159117769200231,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 275
req-referer: https://www.benzinga.com/
content-length: 14696
x-request-id: 4fc802eb4d155da500dbcc2379d2276c
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000077-IAD, cache-iad-kcgs7200139-IAD, cache-sna10721-LGB, cache-iad-kjyo7100175-IAD, cache-lis1490049-LIS
last-modified: Thu, 01 Jun 2023 04:51:05 GMT
server: nginx
x-timer: S1690651846.922610,VS0,VE1
etag: "48af341864780dc99649c5743a7cd136"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 29, 1

GET
H2 200 7eGmX8f2Hr8aJjl.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/ 37 KB
38 KB 51ms
49ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/7eGmX8f2Hr8aJjl.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 81c269c9d8d026a098f58eeae9379b11f1af264f374a0685cba7ce06aa92900d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//rgi.bar/platform/console/tools/cropper/images/prod/7eGmX8f2Hr8aJjl.jpg
age: 1057080
edge-cache-tag: 550969103727956596525434714343053224065,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 550969103727956596525434714343053224065,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 461
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://kannada.oneindia.com/
content-length: 38144
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200142-IAD, cache-iad-kjyo7100020-IAD, cache-chi-kigq8000147-CHI, cache-iad-kcgs7200179-IAD, cache-lis1490049-LIS
last-modified: Mon, 17 Jul 2023 06:34:57 GMT
server: nginx
x-timer: S1690651846.923659,VS0,VE1
etag: "5e62e9fc9a9e304baf5d128d63030b7a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 19, 1

GET
H2 200 2072879f730fb6a591106fa2f21b2590.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 50ms
48ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2072879f730fb6a591106fa2f21b2590.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f9d00ff1db8ca02bd10ea2ccb48cef106fb5f8bd2b23d276a8877ae87f36d6ac

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2072879f730fb6a591106fa2f21b2590.jpg
age: 2185374
edge-cache-tag: 618126446526520827013715334155589805561,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 618126446526520827013715334155589805561,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 118
expiration: expiry-date="Tue, 01 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://nhlrumors.com/
content-length: 28534
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100178-IAD, cache-iad-kcgs7200145-IAD, cache-sna10739-LGB, cache-iad-kcgs7200149-IAD, cache-lis1490049-LIS
last-modified: Sat, 01 Jul 2023 23:23:43 GMT
server: nginx
x-timer: S1690651846.974163,VS0,VE1
etag: "8d3123b443c6f1682220302c73042495"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 718, 1

GET
H2 200 72642b137e7e6168d450bfdd771a1c00.png
images.taboola.com/taboola/image/fetch/h_523,w_940,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 56 KB
57 KB 50ms
49ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: acf8a82dfd083c657e5c87f7642ecff486f8520972d35bf2a0e42abe5712a827

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:45 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_523,w_940,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
age: 3137499
edge-cache-tag: 435784023151221046442904686349571860291,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
cache-tag: 435784023151221046442904686349571860291,361339568627806578574169180252383295844,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 291
req-referer: https://www.oneindia.com/
content-length: 57562
x-request-id: 924975377c7c545c5f8e7d4b0db66a9a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000106-IAD, cache-iad-kiad7000125-IAD, cache-sna10741-LGB, cache-iad-kcgs7200083-IAD, cache-lis1490049-LIS
last-modified: Thu, 22 Jun 2023 10:31:53 GMT
server: nginx
x-timer: S1690651846.982039,VS0,VE1
etag: "260bbf45b30a44f5d75dee20d1ca3297"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 5, 1, 57, 1

GET
H2 200 c0fc9354a743eab3b0dfb7e5f519fb3a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
17 KB 50ms
49ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0fc9354a743eab3b0dfb7e5f519fb3a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c79f9e40a1865d23a006f20b91589717498e85c11abbc3ed5b3bc5f1645075fc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0fc9354a743eab3b0dfb7e5f519fb3a.png
age: 4011485
edge-cache-tag: 460729525505743605432168159117769200231,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460729525505743605432168159117769200231,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 212
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.contra.gr/
content-length: 16416
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100034-IAD, cache-iad-kiad7000155-IAD, cache-sna10746-LGB, cache-iad-kcgs7200168-IAD, cache-lis1490049-LIS
last-modified: Tue, 13 Jun 2023 06:52:29 GMT
server: nginx
x-timer: S1690651846.010484,VS0,VE1
etag: "9199d15ddd7a5943995f620bf9e971f4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 163, 1

GET
H2 200 f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 130 KB
131 KB 50ms
50ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fa0616a1df4a0404c8640f675de1f19aefdb9be8fd52a889683cc9f7d888318

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age: 2355379
edge-cache-tag: 461953597764467041444520499259236964687,304054793718910432623321288043234533042,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461953597764467041444520499259236964687,304054793718910432623321288043234533042,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 374
expiration: expiry-date="Mon, 17 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://flytant.com/
content-length: 132760
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000135-IAD, cache-iad-kiad7000062-IAD, cache-lax10639-LGB, cache-iad-kiad7000068-IAD, cache-lis1490049-LIS
last-modified: Fri, 16 Jun 2023 13:13:41 GMT
server: nginx
x-timer: S1690651846.018504,VS0,VE1
etag: "fd12b02fda1e3bbd941e2da7d9e2b920"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1070, 1

GET
H2 200 777b6e6d9fb3236f62a7c36f3952d564.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 72 KB
72 KB 137ms
137ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/777b6e6d9fb3236f62a7c36f3952d564.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4305f203273c193fd656b6e62ea1a75060666705e4402dc1bc155d9cfeca36f3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/777b6e6d9fb3236f62a7c36f3952d564.jpg
age: 1456497
edge-cache-tag: 549262710109444999436487026904425005612,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 549262710109444999436487026904425005612,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 300
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.esakal.com/
content-length: 73418
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100139-IAD, cache-iad-kjyo7100162-IAD, cache-chi-kigq8000032-CHI, cache-iad-kiad7000044-IAD, cache-lis1490049-LIS
last-modified: Tue, 13 Jun 2023 06:22:17 GMT
server: nginx
x-timer: S1690651846.026617,VS0,VE91
etag: "7e85e252dbdb30e56b1c6f30d34aa76a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 20, 0

GET
H2 200 next-up-widget.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 54ms
49ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: tFoMTmjAQiY.AGgc7QD0X8.vm7LrdX6O
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: W9A7RD31QPEKMCZY
age: 119290
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: WeBBsHLfxNpDEcmUcmB7+mFWhQ5q8Z7zY9D25QPYBbeTuXzfka5+jh5ekZtbublaLDszpfSAXFk=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:35 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.923442,VS0,VE0
etag: "0e2e4a56e106f372a41c750ae738705f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 37
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 13583

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 159ms
158ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A30%3A45.935&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=4803&cv=20230727-9-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 83903

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 266ms
95ms Stylesheet
text/css 142.250.186.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 16:01:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 17:30:46 GMT

GET
H2 200 spa-detector.20230727-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 47ms
46ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230727-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: X8QqOe1snJKPaIDOeaMSNYiMxJgtu0Qu
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:45 GMT
x-amz-request-id: ZXM8KW3PRJZXQBSG
age: 119284
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 809
x-amz-id-2: oTB80Ftn1d0Vew8UrxnuqMhvPrCHAQcO+X7YnDC752qQlOSvFS10ck9HQeRpNg3FweQv57aN0hc=
x-served-by: cache-lis1490049-LIS
last-modified: Fri, 28 Jul 2023 08:22:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690651846.979565,VS0,VE0
etag: "3e9c41a418b54e4c6ddf043af9a9362b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 40950

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 161ms
160ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A30%3A45.948&id=3355&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 198ms
197ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1690651845949%7D&tim=17%3A30%3A45.950&id=1855&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 199ms
198ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A30%3A45.952&id=2130&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 200ms
199ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1690651845955%7D&tim=17%3A30%3A45.955&id=2102&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 199ms
198ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2666%7D%22%2C%22eventTime%22%3A1690651846034%7D&tim=17%3A30%3A46.035&id=117&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 297ms
91ms Script
text/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 490ms
307ms Script
text/plain 108.138.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MDY1MTg0NV8xXzJjY2FjZmIwNTI2NQ%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 17:30:46 GMT
Via: 1.1 002af2e4f72157b8b4bd2de012b5b57c.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: u5IqM8n0QNqVBmT4vX63f24hvzZCyYpRLoiukhLzjiDeQylXkRiglA==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F49F 492 B
266 B 123ms
122ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=520884143828878&correlator=3764866956238119&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690651846071&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=7c9gaqcuq9g4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1769683369.1690651846&ga_sid=1690651846&ga_hid=147039547&ga_fc=false&dlt=1690651845132&idt=750

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f3bd5682d8b393cf8879ddb8bb022f5b8efc97ea4df6bb9d0d36e74b748789a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F49F 15 KB
12 KB 139ms
139ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4c00b1f7c446fc317cd611aa4a378e6c94af7c33575b4479e6a675f55a0531c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11796
x-xss-protection: 0

GET
H2 200 container.html Show response
aea27087672024348e5c27a97646f1ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3A64 6 KB
3 KB 284ms
87ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aea27087672024348e5c27a97646f1ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
expires: Sun, 28 Jul 2024 17:30:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 6AE5 379 B
599 B 282ms
88ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

55b4da79f3aa123f125cf4d281721b97f6aeb2a559c8b0f8bc422270fe9de9c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 6041
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169065...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

1101ms
910ms

Document
text/html

99.86.91.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076426
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-21.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-length: 459
content-type: text/html
date: Sat, 29 Jul 2023 17:30:48 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 71f0499d67f94a76491d9f85d44030d8.cloudfront.net (CloudFront)
x-amz-cf-id: KStjBTZRLFH31u4qvb7A2IU_M7ZkN1hbAZ2Whns5PMiL7ugPf148lw==
x-amz-cf-pop: CDG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: RefreshHit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6AE5 15 KB
12 KB 133ms
133ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

6b7b697c7c0a33c4c3f6dcef6d0274423f80f8199ea8ca9e81c2f946e6acb626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11854
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FDF9 284 B
934 B 347ms
86ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F818 491 B
264 B 122ms
121ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3016439969754430&correlator=754329105585890&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690651846114&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=cwo5yjtdhbu&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=340605027.1690651846&ga_sid=1690651846&ga_hid=2103072114&ga_fc=false&dlt=1690651845138&idt=784

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9d591964c345f34292efaa1f04ba93f3dbaf7c0557e3fe66f98a820810098a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F818 15 KB
12 KB 149ms
148ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

67ac0415a2ee5a9c2dbb0b606a0e514df6c9d2bc6c79f26684803f038105ec6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11845
x-xss-protection: 0

GET
H2 200 container.html Show response
c860ad800c2e5b518eaa71d8b6181e7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAAD 6 KB
3 KB 271ms
84ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c860ad800c2e5b518eaa71d8b6181e7d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
expires: Sun, 28 Jul 2024 17:30:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D227 284 B
934 B 352ms
85ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
362 B 130ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=HK:IL:V&tvi2=-2&lti=deflated&ri=0da341f80692c4b6d9b4be3dcba33cb6&sd=v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB&ui=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&pi=/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&wi=-2228157552357029942&pt=text&vi=1690651845004&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.078125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A30%3A46.244&id=719&llvl=2&cv=20230727-9-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 88ms
87ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=3342&cid=914993839.1690651846&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1690651846&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&dt=%E8%82%A1%E5%B8%82%E5%85%A7%E5%8F%83%E6%97%A9%E5%A0%B1%EF%BC%9A%E9%80%BE%E5%8D%83%E5%AE%B6%E5%85%AC%E5%8F%B8%E7%99%BC%E4%BD%88%E4%B8%89%E5%AD%A3%E5%A0%B1%203%E6%96%B0%E8%82%A1%E7%94%B3%E8%B3%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame FD0C 379 B
313 B 88ms
88ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ab873a1935fe2a7306b43cae0eadfa589cd9f896887576d98ef1ca5a9c4e7e5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 760F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16906...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
864 B

832ms
832ms

Document
text/html

99.86.91.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-21.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-length: 459
content-type: text/html
date: Sat, 29 Jul 2023 17:30:48 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 71f0499d67f94a76491d9f85d44030d8.cloudfront.net (CloudFront)
x-amz-cf-id: MLnX_QGee5URUccZ2q4TSSj_SZqCDIUS8pdIP9xTXP4frubf1qm-Ng==
x-amz-cf-pop: CDG50-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FD0C 15 KB
11 KB 130ms
129ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

63d1ecb3c8e8c575f590350095044e93dd12be127db55252f1b99ca061667b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11741
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F49F 17 KB
7 KB 264ms
91ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 17:30:46 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6AE5 17 KB
6 KB 281ms
113ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307250101/show_ads_impl_fy2021.js?bust=31076426

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 17:30:46 GMT

GET
H2 200 72642b137e7e6168d450bfdd771a1c00.png
images.taboola.com/taboola/image/fetch/h_160,w_160,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 46ms
46ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d9409221c7a9c028fd08ad871c80319f44d59cb703c1dfc28e2f11deb89029cd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_160,w_160,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72642b137e7e6168d450bfdd771a1c00.png
age: 3136477
edge-cache-tag: 435784023151221046442904686349571860291,597033167553413280471816482234445481128,29ecf9b93bbf306179626feeda1fab70
cache-tag: 435784023151221046442904686349571860291,597033167553413280471816482234445481128,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 375
req-referer: https://www.ndtv.com/
content-length: 3152
x-request-id: f13a5442f3a8c32a93da6664f7c8215c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200040-IAD, cache-iad-kcgs7200126-IAD, cache-chi-kigq8000057-CHI, cache-iad-kjyo7100098-IAD, cache-lis1490049-LIS
last-modified: Thu, 22 Jun 2023 10:31:53 GMT
server: nginx
x-timer: S1690651846.401474,VS0,VE1
etag: "1b2ca169c2034ba1d250b718a70daf92"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 241, 1

GET
H2 200 c0fc9354a743eab3b0dfb7e5f519fb3a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
4 KB 49ms
49ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0fc9354a743eab3b0dfb7e5f519fb3a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61ca2b9408c3837e5386581f99ab60add56e670c4e760a95f5133d4222cfae3e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c0fc9354a743eab3b0dfb7e5f519fb3a.png
age: 1689084
edge-cache-tag: 460729525505743605432168159117769200231,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 460729525505743605432168159117769200231,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 704
req-referer: https://www.sakshi.com/
content-length: 3600
x-request-id: 9f64d1d939efcdca4d39adf56fb225f7
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200142-IAD, cache-lga21958-LGA, cache-iad-kcgs7200176-IAD, cache-lis1490049-LIS
last-modified: Sun, 02 Jul 2023 19:46:21 GMT
server: nginx
x-timer: S1690651846.402223,VS0,VE1
etag: "3ab333ec6a92fba99d672807ffa026ab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 192, 1

GET
H2 200 f020aeb95474d22a30a8aa7bb4320f20.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 50ms
50ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c3e5aa1b802f28e02cc30d7af3a93b0486acd6d760a0f37b9d6d8062d8fc78e2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_930,y_412/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f020aeb95474d22a30a8aa7bb4320f20.jpg
age: 2392116
edge-cache-tag: 461953597764467041444520499259236964687,581390042539224802985120490848274723897,29ecf9b93bbf306179626feeda1fab70
cache-tag: 461953597764467041444520499259236964687,581390042539224802985120490848274723897,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 122
expiration: expiry-date="Sat, 22 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.douban.com/note/698211938/?_i=8434717MZwQOQ5
content-length: 7108
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000088-IAD, cache-iad-kcgs7200091-IAD, cache-chi-klot8100157-CHI, cache-iad-kiad7000121-IAD, cache-lis1490049-LIS
last-modified: Wed, 21 Jun 2023 15:07:12 GMT
server: nginx
x-timer: S1690651846.402764,VS0,VE1
etag: "40b48c634dc33005d159eef6575c5bb5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 502, 1

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F818 17 KB
6 KB 291ms
136ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 17:30:46 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame BCB3 439 B
417 B 89ms
86ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&cmcv=&pix=undefined&cb=1690651846398&uv=3308&tms=1690651846398&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4c425e44-f7da-454d-90d8-28ed04b91b0a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6147a8eee698b1a1124a8b4b1c97610b761e5480667f18829a6267cfbc568efb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sat, 29 Jul 2023 17:30:46 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490049-LIS
x-timer: S1690651846.427089,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 245B 439 B
525 B 257ms
86ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6147a8eee698b1a1124a8b4b1c97610b761e5480667f18829a6267cfbc568efb

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 29 Jul 2023 17:30:46 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
668 B 635ms
634ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690651846407&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1536&pt=614113391&tz=0&viewable=true&ddast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5770d0ab0f132c17e357c960ca4e6e0c48ea1cdb4136c2b032c84d99cffa40ef

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sat, 29 Jul 2023 17:30:47 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1319
x-cache: MISS
x-served-by: cache-lis1490049-LIS
pragma: no-cache
server: nginx
x-timer: S1690651846.432584,VS0,VE590
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 292ms
84ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&cmcv=&pix=31589837&cb=1690651846398&uv=3308&tms=1690651846398&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690651842130.3!ts:1690651846398&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-length: 0
server: nginx

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 88ms
88ms Script
application/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sat, 29 Jul 2023 17:30:46 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame FDF9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKOAGHL6-18-6OYI
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHL6-18-6OYI

35 B
266 B

455ms
156ms

Image
image/gif

162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHL6-18-6OYI
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
connection: close
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHL6-18-6OYI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame D227
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LKOAGHLT-1V-7X9O
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHLT-1V-7X9O

35 B
266 B

3467ms
151ms

Image
image/gif

162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHLT-1V-7X9O
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:50 GMT
connection: close
content-length: 35
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LKOAGHLT-1V-7X9O
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FD0C 17 KB
6 KB 189ms
146ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 17:30:46 GMT

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame BCB3
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4

0
66 B

156ms
156ms

Image
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&cmcv=&pix=undefined&cb=1690651846398&uv=3308&tms=1690651846398&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4c425e44-f7da-454d-90d8-28ed04b91b0a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 110
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
x-served-by: cache-lis1490049-LIS
server: nginx
x-timer: S1690651847.083839,VS0,VE110
x-fastly-to-nlb-rtt: 108163
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame BCB3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-OMnXg9tE2oTONg_nh5N7Uz7gcEB8P6MjCaQaeg--~A

0
230 B

97ms
86ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-OMnXg9tE2oTONg_nh5N7Uz7gcEB8P6MjCaQaeg--~A
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&cmcv=&pix=undefined&cb=1690651846398&uv=3308&tms=1690651846398&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4c425e44-f7da-454d-90d8-28ed04b91b0a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38392

Redirect headers

date: Sat, 29 Jul 2023 17:30:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-OMnXg9tE2oTONg_nh5N7Uz7gcEB8P6MjCaQaeg--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame BCB3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0

0
230 B

84ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&cmcv=&pix=undefined&cb=1690651846398&uv=3308&tms=1690651846398&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4c425e44-f7da-454d-90d8-28ed04b91b0a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38387

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0
date: Sat, 29 Jul 2023 17:30:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 425ms
301ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H6HB7SW6859CBKVR7SNR817V
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 930D 495 B
664 B 877ms
284ms Document
text/html 52.198.195.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sat, 29 Jul 2023 17:30:47 GMT
etag: "64c296fa-1ef"
last-modified: Thu, 27 Jul 2023 16:10:34 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4370
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

92ms
92ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 17:30:46 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 29 Jul 2023 17:30:46 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame FDF9
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=V_CLZ2syTGiHO04xg_GKrg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V_CLZ2syTGiHO04xg_GKrg

43 B
479 B

150ms
150ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V_CLZ2syTGiHO04xg_GKrg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 17:30:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 020G26FZK26S9XHTXZAN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=V_CLZ2syTGiHO04xg_GKrg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDF9
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEtPQUdITFQtMVYtN1g5Tw==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECf04xOGMCGoPv6uyirUpA8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPQUdITFQtMVYtN1g5Tw==&google_push=

170 B
188 B

91ms
91ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPQUdITFQtMVYtN1g5Tw==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEtPQUdITFQtMVYtN1g5Tw==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FDF9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY8L-OzvGtU936XhlxwNpk&google_cver=1

42 B
691 B

243ms
85ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY8L-OzvGtU936XhlxwNpk&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY8L-OzvGtU936XhlxwNpk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame FDF9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jVUYS-xpRH2-fFTaYHNBQg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jVUYS-xpRH2-fFTaYHNBQg

43 B
479 B

176ms
176ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jVUYS-xpRH2-fFTaYHNBQg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 17:30:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 70XJ6WJ1JT442TG1ECB1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=jVUYS-xpRH2-fFTaYHNBQg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FDF9
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://match.adsrvr.org/track/cmb/rubicon?
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e04058f0-3126-4147-a97d-dbb346b06cf4&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

85ms
85ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e04058f0-3126-4147-a97d-dbb346b06cf4&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e04058f0-3126-4147-a97d-dbb346b06cf4&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H2

200

setuid
px.ads.linkedin.com/ Frame FDF9
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOAGHLT-1V-7X9O

0
516 B

681ms
273ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOAGHLT-1V-7X9O
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 66B3F05B6F4B4F9D896D1680349698EC Ref B: LIS01EDGE0614 Ref C: 2023-07-29T17:30:47Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBo47KOwjb7PB1Wl2RMA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LKOAGHLT-1V-7X9O
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDF9
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjODcwMGNjOGE3OGNhYmUzOGQ2ZmU0MWFmZWRiZTIwMjVhMmJiNw

170 B
188 B

91ms
90ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjODcwMGNjOGE3OGNhYmUzOGQ2ZmU0MWFmZWRiZTIwMjVhMmJiNw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YWFjODcwMGNjOGE3OGNhYmUzOGQ2ZmU0MWFmZWRiZTIwMjVhMmJiNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame FDF9
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/ebqP92MzXsGWAT6u-Rk8Csn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qZRbrNFE2oJUUTJOVggzRsw_N9WxLD6WDgVZJQ--~A

42 B
691 B

126ms
86ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qZRbrNFE2oJUUTJOVggzRsw_N9WxLD6WDgVZJQ--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 29 Jul 2023 17:30:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-qZRbrNFE2oJUUTJOVggzRsw_N9WxLD6WDgVZJQ--~A
content-length: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89CC 13 KB
5 KB 79ms
77ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 30983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:54:23 GMT
expires: Sun, 28 Jul 2024 08:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B36A 783 B
737 B 261ms
90ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

eb9ef422344eb7e94e5a7976065ed4b76f187809db60c0523aad70903f761020

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yyn_Oodl1-OH7ODcwniubw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-Yyn_Oodl1-OH7ODcwniubw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
expires: Sat, 29 Jul 2023 17:30:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 245B
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?gdpr=0&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4

0
314 B

155ms
155ms

Image
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 110
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
x-served-by: cache-lis1490049-LIS
server: nginx
x-timer: S1690651847.083911,VS0,VE110
x-fastly-to-nlb-rtt: 108819
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:46 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 245B
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245?gdpr=0&us_privacy=1---
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-w.yoOrFE2oRIwFvVBe3xpNcrIbyizLBm_eVHqA--~A

0
230 B

97ms
85ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-w.yoOrFE2oRIwFvVBe3xpNcrIbyizLBm_eVHqA--~A
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38392

Redirect headers

date: Sat, 29 Jul 2023 17:30:46 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-w.yoOrFE2oRIwFvVBe3xpNcrIbyizLBm_eVHqA--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/yahoosspus-network/1/rtb-h/ Frame 245B
Redirect Chain

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=0&us_privacy=1---&verify=true
https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0

0
230 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:46 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38387

Redirect headers

location: https://sync.taboola.com/sg/yahoosspus-network/1/rtb-h/?taboola_hm=y-7KP0skFE2uEbjGSbjYoSceay.7A73Ppc~A&gdpr_in_effect=0
date: Sat, 29 Jul 2023 17:30:46 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 796E 13 KB
5 KB 82ms
79ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 30983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:54:23 GMT
expires: Sun, 28 Jul 2024 08:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 25A1 783 B
742 B 234ms
95ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

25819806306e004466ba636da8f882fe765109db694fee412567de2be14cb7d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rerwWiWz2VncZAN9f6juOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-rerwWiWz2VncZAN9f6juOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
expires: Sat, 29 Jul 2023 17:30:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 11D3 13 KB
5 KB 88ms
82ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 30983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:54:23 GMT
expires: Sun, 28 Jul 2024 08:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 906B 783 B
1 KB 215ms
89ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

87dd32da153bed0ca923e497d4f97a42a3804fa279836f7bce61347c8cce0476

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UNBX9GWne7RuVCnlB3hLDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-UNBX9GWne7RuVCnlB3hLDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
expires: Sat, 29 Jul 2023 17:30:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E35 13 KB
5 KB 97ms
94ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 30983
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:54:23 GMT
expires: Sun, 28 Jul 2024 08:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 65B8 783 B
739 B 215ms
94ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

1c115e258474a046366a658e6c9276df7aff2e66bc62128507ff10cebdc240d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d7oC_3EgowEzrPhsyQ937A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-d7oC_3EgowEzrPhsyQ937A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:46 GMT
expires: Sat, 29 Jul 2023 17:30:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 89CC 37 KB
14 KB 79ms
79ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 15:29:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4370 34 KB
10 KB 97ms
96ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84430c2d70c668223e7ecf851361ce191f98c4647a84ef17fb1a15f38b933c0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:46 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 21:10:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13189
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 29 Jul 2023 21:10:35 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
491 B 220ms
211ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&route=HK%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 124
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 108072
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490049-LIS
pragma: no-cache
server: nginx
x-timer: S1690651847.884011,VS0,VE124
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 796E 37 KB
14 KB 90ms
84ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 15:29:20 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 11D3 37 KB
14 KB 87ms
80ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 15:29:20 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E35 37 KB
14 KB 82ms
81ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 15:29:20 GMT

GET
H2

200

rubicon.gif
sync.logly.co.jp/rtb/ Frame 4370
Redirect Chain

https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly&khaos=LKOAGHLT-1V-7X9O
https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOAGHLT-1V-7X9O

0
268 B

285ms
284ms

Image
text/plain

52.198.195.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOAGHLT-1V-7X9O
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: H2
Server: 52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:48 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.logly.co.jp/rtb/rubicon.gif?buyeruid=LKOAGHLT-1V-7X9O
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
Expires: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
712 B 45ms
44ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sat, 29 Jul 2023 17:30:46 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 18458
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490049-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1690651847.989301,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 93
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1491

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 906B 0
0 113ms
113ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=3016439969754430&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_0_8/infra/ 889 KB
148 KB 139ms
46ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690189710
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 1EGY211EJA3NCCST
age: 461994
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690189711
x-amz-meta-mode: 33188
content-length: 150941
x-amz-id-2: SjAIXHO1D0oUntY2GbB7vyWiwzvUPCfIg3FSa4eZtpuPwnpbopplW16Rgw9n0Fnknx8J1oTrAfk=
x-served-by: cache-lis1490025-LIS
last-modified: Mon, 24 Jul 2023 09:08:32 GMT
server: AmazonS3-br
x-timer: S1690651847.194360,VS0,VE0
etag: "2653a0c8d7fe85b3a9f7075f29ed0624"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 107448

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_8/assets/css/ 60 KB
8 KB 46ms
46ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_8/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690189728
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 1EGXBHVBRZP6GW94
age: 461994
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690189728
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: KAWgGmTqU8XyRkDoqr1ZPXfsNiW5KRoJ1paTShJAcRNNrUT7taT3DKrwJlKLNjO2R0BvBP/gXco=
x-served-by: cache-lis1490049-LIS
last-modified: Mon, 24 Jul 2023 09:08:49 GMT
server: AmazonS3-br
x-timer: S1690651847.102958,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 126539

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B36A 0
0 112ms
111ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=520884143828878&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 65B8 0
0 113ms
112ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=2586130924601369&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 25A1 0
0 113ms
112ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=2069240141923540&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 89CC 0
10 B 76ms
76ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vbZA4A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 11D3 0
10 B 78ms
76ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lm95Dg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 796E 0
10 B 76ms
76ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3NJZ4A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1E35 0
10 B 76ms
76ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KpkIhg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 45ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 1491370
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490049-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1690651847.463167,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 203350

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/ 446 KB
84 KB 45ms
45ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.6/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690439347
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: A3N10TATEMVHA5QR
age: 212419
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690439362
x-amz-meta-mode: 33188
content-length: 85839
x-amz-id-2: YpLsidS2POsIKt23Ufq53o+kIa+03QWIhvzNyWX5RqYAx9tb3V1X7ZUuAJ8mMhdUUbsPS9EPyeA=
x-served-by: cache-lis1490049-LIS
last-modified: Thu, 27 Jul 2023 06:29:23 GMT
server: AmazonS3-br
x-timer: S1690651847.485594,VS0,VE0
etag: "b33cf048d4d632bd93b30c09e2201e4c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 69561

GET
H2 200 sync Show response
am-match.taboola.com/ Frame D023 674 B
768 B 84ms
84ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_8/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sat, 29 Jul 2023 17:30:47 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 84ms
83ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&cmcv=&pix=31579697&cb=1690651847466&uv=3308&tms=1690651847466&su=3&abt=nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 46ms
45ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 1086008
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490049-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1690651848.527313,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 345988

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 930D 0
268 B 286ms
286ms Script
text/plain 52.198.195.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.195.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-195-5.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:47 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame D023
Redirect Chain

https://x.bidswitch.net/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://x.bidswitch.net/ul_cb/sync?gdpr=0&us_privacy=1---&ssp=taboola
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=f2447b0e-3d2c-41d7-8404-e5f9944ce48b&gdpr=0&gdpr_consent=&us_privacy=1---
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=f2447b0e-3d2c-41d7-8404-e5f9944ce48b&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=93aa9c63-763a-4f06-9f8f-26d2f37e4243&ssp=taboola&gdpr=0&us_privacy=1---
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c587b829-87b4-497c-a7d1-6bdaf41d6dbc&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---

0
230 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c587b829-87b4-497c-a7d1-6bdaf41d6dbc&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43703

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=c587b829-87b4-497c-a7d1-6bdaf41d6dbc&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
date: Sat, 29 Jul 2023 17:30:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0E92 281 B
554 B 86ms
86ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jul 2023 17:30:47 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

/ Show response
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 68BE
Redirect Chain

https://us-u.openx.net/w/1.0/cm?gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1...
https://us-u.openx.net/w/1.0/cm?cc=1&gdpr=0&us_privacy=1---&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privac...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0

0
230 B

85ms
83ms

Document
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
date: Sat, 29 Jul 2023 17:30:47 GMT
server: nginx
x-fastly-to-nlb-rtt: 38377

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 0
content-type: text/html
date: Sat, 29 Jul 2023 17:30:47 GMT
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame E458
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=taboola
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMVMyMCo8XoAAC3iuYQAAAAA

0
230 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMVMyMCo8XoAAC3iuYQAAAAA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 46304

Redirect headers

X-SO-Cluster-ID: 0
Date: Sat, 29 Jul 2023 17:30:48 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZMVMyMCo8XoAAC3iuYQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad394"}
X-SO-Key: ZMVMyMCo8XoAAC3iuYQAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad394
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZMVMyMCo8XoAAC3iuYQAAAAA
Cache-Control: private
X-SO-HostName: m-ad394.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 0
X-SO-LB-Hostname: m-tgng22.dc4p.scaleout.jp
X-SO-IP: 91.205.230.195

GET
H2

204

/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame E458
Redirect Chain

https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=aec08a92eb84414894...
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=aec08a92eb8441489479e29a0cd04f62

0
221 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=aec08a92eb8441489479e29a0cd04f62
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38375

Redirect headers

location: https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=aec08a92eb8441489479e29a0cd04f62
date: Sat, 29 Jul 2023 17:30:47 GMT
content-length: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame E458 0
75 B 479ms
76ms Image
text/plain 185.86.138.155
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame E458
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=16698
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O

0
230 B

84ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38369

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
Expires: 0

GET
H2

200

/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E458
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/taboola/d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245?gdpr=0&gdpr_consent=&us_privacy=
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nPdxhRdE2oQz5QldJoKoNIqdd85891F.Ndl8uQ--~A

0
230 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nPdxhRdE2oQz5QldJoKoNIqdd85891F.Ndl8uQ--~A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38369

Redirect headers

date: Sat, 29 Jul 2023 17:30:47 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-nPdxhRdE2oQz5QldJoKoNIqdd85891F.Ndl8uQ--~A
content-length: 0

GET
H2

200

/
sync.taboola.com/sg/baidurtb-network/1/rtb-h/ Frame E458
Redirect Chain

https://trace.mediago.io/ju/cs/taboola
https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=e3ab25231d19f5c4084761a3ec9b5214

0
230 B

84ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=e3ab25231d19f5c4084761a3ec9b5214
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 42631

Redirect headers

location: https://sync.taboola.com/sg/baidurtb-network/1/rtb-h/?taboola_hm=e3ab25231d19f5c4084761a3ec9b5214
date: Sat, 29 Jul 2023 17:30:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
content-type: text/plain; charset=utf-8

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame E458
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEL1d9iNrVjuj1RclaPrgci4&google_cver=1

0
252 B

155ms
155ms

Image
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEL1d9iNrVjuj1RclaPrgci4&google_cver=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 110
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
x-served-by: cache-lis1490049-LIS
server: nginx
x-timer: S1690651848.763349,VS0,VE110
x-fastly-to-nlb-rtt: 107755
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEL1d9iNrVjuj1RclaPrgci4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame E458 42 B
245 B 260ms
84ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245:$UID
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 29 Jul 2023 17:30:46 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E458
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb/?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245

170 B
188 B

89ms
89ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245
date: Sat, 29 Jul 2023 17:30:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38368

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame E458
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4

0
70 B

154ms
154ms

Image
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 109
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
x-served-by: cache-lis1490049-LIS
server: nginx
x-timer: S1690651848.793095,VS0,VE109
x-fastly-to-nlb-rtt: 107855
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-service-version: v1
x-cache-hits: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=e04058f0-3126-4147-a97d-dbb346b06cf4
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 239

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame E458
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

43 B
696 B

85ms
84ms

Image
image/gif

216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: HTTP/1.1
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 17:30:47 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 17:30:47 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame E458 49 B
882 B 314ms
89ms Image
image/gif 208.93.169.131
WEBMD-IDC1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

208.93.169.131 , United States, ASN46244 (WEBMD-IDC1-AS, US),

Reverse DNS

Software

Jetty(10.0.14) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server: Jetty(10.0.14)
content-language: pt-PT
content-type: image/gif;charset=iso-8859-1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-848647674d-xxzv4
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame E458 43 B
697 B 236ms
77ms Image
image/gif 185.86.138.151
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 29 Jul 2023 17:30:47 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E458
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=edf31e10-7f5a-466f-a143-8a89eab4e0e4

0
230 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=edf31e10-7f5a-466f-a143-8a89eab4e0e4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 47438

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:48 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=edf31e10-7f5a-466f-a143-8a89eab4e0e4
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 880113
content-length: 0
expires: Sat, 29 Jul 2023 00:00:00 GMT

GET
H/1.1 200 9.gif
id5-sync.com/s/464/ Frame E458 43 B
1 KB 1285ms
85ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/464/9.gif?puid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Sat, 29 Jul 2023 17:30:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

sync
x.bidswitch.net/ Frame E458
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=taboola
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=70&user_id=5289276431343242664&ssp=taboola

43 B
145 B

87ms
87ms

Image
image/gif

3.124.175.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=5289276431343242664&ssp=taboola
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 3.124.175.54 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-175-54.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://x.bidswitch.net/sync?dsp_id=70&user_id=5289276431343242664&ssp=taboola
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame E458
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=487b5232-ab58-4131-a6f7-233161e2f0d9
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=487b5232-ab58-4131-a6f7-233161e2f0d9&tbid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&query=taboola_hm%3D487b5232-ab58-...

0
78 B

545ms
544ms

Image
text/plain

151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=487b5232-ab58-4131-a6f7-233161e2f0d9&tbid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&query=taboola_hm%3D487b5232-ab58-4131-a6f7-233161e2f0d9&isDirect=0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cache-hits: 0
date: Sat, 29 Jul 2023 17:30:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1690651849.787700,VS0,VE499
x-cache: MISS
accept-ranges: bytes
content-length: 0
x-served-by: cache-lis1490049-LIS

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=487b5232-ab58-4131-a6f7-233161e2f0d9&tbid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&query=taboola_hm%3D487b5232-ab58-4131-a6f7-233161e2f0d9&isDirect=0
date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 44458

GET
H2 200 sd
u.openx.net/w/1.0/ Frame E458 43 B
180 B 94ms
73ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame E458
Redirect Chain

https://eb2.3lift.com/xuid?mid=7772&xuid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&dongle=tbla&gdpr=0&gdpr_consent=&us_privacy=
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=

37 B
354 B

113ms
112ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 29 Jul 2023 17:30:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7772&xuid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&dongle=tbla&gdpr=0&cmp_cs=&us_privacy=
date: Sat, 29 Jul 2023 17:30:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

204

rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame E458
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=140
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM

0
221 B

84ms
83ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 46304

Redirect headers

Location: https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=ibJxpZ-JWxpKSH8HagjfhFvN5sM
Date: Sat, 29 Jul 2023 17:30:48 GMT
Connection: keep-alive
Content-Length: 119
Content-Type: text/html; charset=utf-8

GET
H2 200 sync
t.adx.opera.com/ Frame E458 35 B
467 B 495ms
82ms Image
image/gif 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60151&uid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , South Africa, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:48 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame E458
Redirect Chain

https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0

0
230 B

84ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 38373

Redirect headers

date: Sat, 29 Jul 2023 17:30:48 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=f08e4ea7-829d-4566-9596-ee198fe418c0
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 49ms
47ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:47 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 2497
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490049-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1690651848.674611,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 76
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 4086

GET
H2 200 fraud-detect.js Show response
cdn.taboola.com/scripts/ 121 B
480 B 50ms
48ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/fraud-detect.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:47 GMT
x-amz-request-id: G0B8B06BNHR34ZN2
age: 10398
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 125
x-amz-id-2: hmZamERHDmM7HPGheDgTxfCBlpKmrNgKchCV6gu3wwlGqanZsZGHuPiLEz/LgMvPa3DA8G+4Cxo=
x-served-by: cache-lis1490049-LIS
last-modified: Thu, 15 Dec 2022 16:50:08 GMT
server: AmazonS3
x-timer: S1690651848.674811,VS0,VE0
etag: "f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary: Accept-Encoding
content-type: application/javascript
abp: 24
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 9588

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 50ms
48ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230727-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 17:30:47 GMT
x-amz-request-id: J5K710VF90255GNC
age: 13067
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: DH/pchBgnxSXENNBa2oaAs0ZM/x/Bpa5vBCgyzpf4YXE9oXnMromC9TPSgWfIZ6toSs0ZNd4M8Y=
x-served-by: cache-lis1490049-LIS
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1690651848.674787,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 8490

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0E92 34 KB
10 KB 96ms
96ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c84430c2d70c668223e7ecf851361ce191f98c4647a84ef17fb1a15f38b933c0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:47 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Jul 2023 21:10:31 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13188
Connection: keep-alive
Content-Length: 10114
Expires: Sat, 29 Jul 2023 21:10:35 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 52ms
45ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490025-LIS
date: Sat, 29 Jul 2023 17:30:47 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F49F 0
0 118ms
118ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=520884143828878&bg=!rq2lrfnNAAZGOVy5Zjk7ADkAdvg8WpgkxNflfOcswR9Cfxar7y8A1hwcjSBg5MB5E5lbgzAfGJAPf8J_bKJJ3pZRtTijT2zItPYCAAABW1IAAAAIaAEHCgDKMbstpEpt9VHRpQviZieXSPQcbRwUVQm9czSU16bEi4rkzwLmn6rermlS6SRTeaPJIFoVIJoj8eVQcUtm7NNfFOiyPj1IQBK3HCNIYw33ZyDuoGaBeHnTONzxPWa1tvVaP1ml5mrQ88usRDdDWpnAnydewO55uXYF2EzyNsaI-HP70IeN3ybEpD8t0cS1k6pUCzhYk4Gy-GOK91PgpCFN-XnVLVmuYKWO2SSMjK_XRHG1lRShQ0unVroPt6rfb5Lh5DLHKDrIGqQ5OpkCtFf8S2D5_-QzNkUxmHSljt79MlhSQms-IB2nzjTC1RzHL9-p4KggtXV1mdhYucKEPwcu67361feHd0y6dYpAyg41opcOLKxs5omRCTUK8xegLSL1e8at_2iuKUPOdB4BEYBPtH3usX95mb_qLrAVC4ocq79JGNRm7KkvzE0PYNekcu7GUwnS_vQwFmqUF1Lm7oaAyLWR004oaFqUgndwpskt1zJdavZi6yCEWnD-KirUeH3uaParhMT_RqgEox714B5PGG3eyPgSlembSPyhMR7BdglTdu8cDMIUtJkjjYMLTKLC2ERU0jrWBEvejlzvUWmjBptXeE_dC8qDoJ_BTT3Z8LWs-qd_kLx9vzETVS6lbwEOJmqYyihmA7EzaqKUu_eTsmgg8-Eeqm6nM--Q_fvF1rvYiYOKjdj_WghMP1k30GNUsYZbWGoEdEd8ZwB_rP1dXtt0QG5nIHdTZX3TZQGUn5jS7Cyuvj0yKbSqyqG2nQzUMHTrn-c4l9540_yqO_vvldR8WJcfH0181V0jIcFU9bAxIAhGCHXVlicGGfGPDy1A4876hbW3NzifP2eRnsVQmFm-UeQ1jEk8dTC3QksBCMwlj39AJ2RlppQp2oLSlv8OA2JJyy8mD2Q2orzFY8Dp0ZzBnjOMXNSmTmXJciYPeBxY-ewifliAyXk4sczp3bLRjIxbsH1n7xobZtYTPTXLeYwKCNv1GrwCyvLGeJCvaQg3hOmV0rLlKdxLiV6Ayc60r1MTJB_zbRzJTcuIvOHqh4GotDdb9BuwyTY2EtO4sAC3Ih7IYvQiPxcGh-BroQeUTRZ0G-WNWQXKyia-iUcTnV8NGlEVh7SO8QG3m3AYUIx-E6wxtOqLRgMOj7a_22iI_RuhTuIk0Zfh5ezPUlfDIpnXP_dljHSBsfQvy9oI41ff
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 444ms
139ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 29 Jul 2023 17:30:48 GMT
cache-control: no-store
server: nginx

GET
H2

200

/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 0E92
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=0&us_privacy=1---&gdpr=0&us_privacy=1---&khaos=LKOAGHLT-1V-7X9O
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O&gdpr=0&us_privacy=1---

0
230 B

85ms
84ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O&gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=0&us_privacy=1---
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:49 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 43034

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LKOAGHLT-1V-7X9O&gdpr=0&us_privacy=1---
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
Expires: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 6041 31 KB
10 KB 1192ms
56ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:02:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 84491
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 29 Jul 2023 18:02:37 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 760F 31 KB
10 KB 1199ms
64ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:02:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 84491
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 29 Jul 2023 18:02:37 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F818 0
0 115ms
115ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=3016439969754430&bg=!y8ilyJzNAAZGOVy5Zjk7ADkAdvg8WqnnF319Ag2w2RaoMqTmckzqE7EPqr9IW_QK_RFu5ys-mvELNN_mT1QyQX7oM7N_As47MiMCAAABSlIAAAAIaAEHCgA046qA1uQsF2Fnesjpcwfn2u_TvmGvWMJAMxgWJ-J_iUuBoyBJSTtmeU0jgESwPZB3gkerA5kCv3CH8-GrFPhuvBcVZ2B0kbNqv7q_Y84i92Q1IRRpMubM9wciryRWYuzh8fn2CIHEDo8Gf4FMnJHXEcQed-t4JI7bjH3yfQ6yIqF3uiDT5IVSaRU4yK9CzoGq84KDAR_2lEw2lO9pUTlhLA9-wcAQMMLew6PE6Bx19LU6q-YYGi51rGlYYY26dCmJ31z9rwbbiHqJAD10cncI4GlLYjQltLdo0d7a6cBP-220EXfliuROv4vqe2lo0mjrt_3vCG1ewACQSO1s-qZ36iisNgWmm20maR7PhJHD-I3EIfDj-cgV8a8HfQfb8Sa-w-roSaZiZH7-Ol7h2fBD3FeK4LdIGnl_g9WzYKdFI-5uMC3CB2f8TydlZKd9o3YcrtGTMDvBTRVcf-6FfEsvha9KBH5FEZVUDFFhEmacNG47h991x9BSRE03er67y1zylLIQ14haL5whxNHURnw6bK-voSbCvYe6g0QfR5LC8QCe7nHalW2EmNkeq6V81828JEIAvNndnRY-PI_D6gbfNXsRvGWrfVA65aTLRGC0L0fH5nYR2hRYRuoTs04eu9OfPSjAVSP2ClhPe8xvUIaC82Va91f-7Iru0s2fXQSVb4JwrixMghUdpyMfOpiF27IRzc2-ybK-cN0EejSmlibFR-vjCh66m6ywOnmo4mHdTJl6M6NYaVy1zAoxeJENpaDhM9K1gYL-tz6jwo47cBYXnibHYK7GXfq-UV7SxKSwpS8L-ml4g--Yr0PfFePXtSC9emnan0-OToPsBKnxy-CBjZ2p3bmWCVF4d3Z_Td8PsUK9Eb1OrQ94Ha_ac1_TeA3IDObbtbsZ7OMMXIWE2bJuygUx_m5dU26szy9IGE8f0jH4nu0JchdgE0KrAfemvcBAWuG-It2TmUu0hEpQEBTZxqDPj_GUxo7-Ko-WUxCRNnb0OfU0DI0
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6AE5 0
0 114ms
114ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=2069240141923540&bg=!eXqlei7NAAZGOVy5Zjk7ADkAdvg8WssRi4Vcvo4jNTKtjSF8pigUVZnieq0qmOZ1u-kXcxe2f1EmZbTdCr4rxTeMoPpvfr2sDVMCAAABVlIAAAAIaAEHCgADGTFcmQK2_BWugJc7x1IS6fSHkL_nQiUQbB4SdmG0uILAXui0Ujfb65nrvPKNMMO0PpzYV6q7bTHuOSxMUwmixvvvnzN3HWOKf5R-Q2aDBvtVBN1kaOXQU1pvz3sBL65L_yMKNcoD_ua-hsUihIVW2DfWaSp0TexlHWxutlzN20aRtldHpfSAZsmCCNdDVJ5qDlbmzeSGfSwmQLh5_1g_Lt67Lhcdx4pRUpdQI6SKhKmPvf_DpAX25aRNM1XG15PItBbol4IVvstRtd2RrBteBtlM0YUDojIEijqWPbDP1Ulp17SKgENeOglt4rmnTklkLWT0fKeTAJ2QA6hOPs4XRXoddPEZYKYSNqFS9rl5e8ybj9eFvg5IeBvuc4Qu3gH_iYkRBixPtQX-ocgxe1Mwum7p3x958HwiyiBm6GPE-SSmf07idwwLDCKzkgIDqb2B4ByPzPFWKfKQhDCEq04xxKokoiu6FQpRxUzzgf8bgTc4QXVzOUKKCx3nrgj0PfnQ1gbJ_b5WetquSj9F-aFmhndHSeeVh-rXEEELMhVGfF8hqyyPW5Ac9FYC2NX7c3O0hNtUxXnisp_sbaludhsblz9TEpeeAHgbtsPqAtU-DaCkbdr-DcoosQRD_oLmT5JgIqgBXeQyiG705fTalbQsbYGEmlvK5RCC9a9IGd3MG4guC2zE2G0b4bNEWmfKeUu0w4KivvMy9C_NaZR0CU4QEc-pzSny-dX8yJhlS0Ho_cd2VMh2_yQoVQw0g4DP2Raaf-8I4biz_Ina0FoFzusGHyW_USQLGksb8RoVIaHSgD0CCef2mlOYcq_fDvA44hW7QPJP41nsD-OX2Hu-se-tTAjxPWbtWes7NC1boSY9l-gnZGPIiWpcVHTSCqp3kCnrnUZj68lid6qAny0I6_tL0KWvMwK7pUOs7sVC-A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FD0C 0
0 116ms
115ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=2586130924601369&bg=!hYalhtLNAAZGOVy5Zjk7ADkAdvg8WmYkriaKilFw2xdvc98KX5qNrm3wyh_z68w0ygb_I4G62BoD4xlW4yIb4WJZI3TpF6WvLJkCAAABDVIAAAAHaAEHCgB6GD_o11ySuZ72InSGkcHo9GHG5qK7tKn22eQKXd8bEnZ7T3DSaKoKnBQCEC8eGOaoz7IV5ULrE1pC_lnJx_Og0LIxgoSRonUD9WKyWn2T7jzthsJ_8Qv4BLHurCpEnpUSLpH9RD_4SUmqsfOh-UTHRE827ioLghO2b0iZAsgXaq9J5Y-U3VJlBwKZ-M_AbCO2DZ8A7IFVPHuTlOHM-QIFLsyZDjs8u3rP1UnCGGhvIGqlNtJEu1LZeIOYJ-kl4wl22_q21lPRaXoI7Eotv5aHJzPW1PHu6uhOqeZu7qU5FvzIXImLzkptOfvodCzydVBwlPgl9SPi2irqjAYkqXPIAOUWIYokM4q7dFfex0frlDNnNwExOMvfD1ofqq_mxhRR8aKdBYYLmebBt02sujbs4n-u2yUaglkchVP8VpeShq72Hh-5xPM20J58Gp3IzJ5lewgdJ36pSsHC-ulih6qj1KDw6mIc52heF-0nR6mnJaM9qBwoaWX6fwj3E93E2YxoaYaqoZOjZSlMzuxg4BjrPyCwswpZdYkKe3v_NmcTeSjb-f26C04uHNq_LeXgg3WAkqB3aLlhRcWiBA6G7BRZd2h_8eB-OtB95fsgqb5U_BaHode3jW0RUrzkLHyp4Y-nb_pN8pHW5gQP-P21O9biXcaP6Lg4Js8rTCwapVg4PTAz0G6t710dDekGqAzGnW3ND7cH8as4Lpj5_53DnSX7v2VQgMDdY-jUkKtvElemTcbAXHEg9F7Yq3UX5CclU22_PgqvqAYjP9DFft_ILBR8g8bPMozZZZlAzuDArwhkudqsR8shJjrr0-2r5986ng8aNpMwqWkH-QHd07_Rc7cVqznYAP_bK5k5k5Bf3OtL2TGwmchw_BtgzeYh-HYdW0xYxsi9_6bMI6fHG0TE11oAJ3TnkpMH8gzntEZhb7Q6Jfol9WLJukLfDWFmsLH1mToRzpVxCufYew9NHDPBDiuEBvp-JfDFLoQnsp1OALfVz-XhgbDo80eIkKj4wFlZoOidg3edUIMAWpigNiTd5rhVLTq8TU353-ESWrEQ3uAV8kb1GapTFjlvPY6dlmoEHc5RrK8FqNhOen42tig6hN9Tn-IA8ulX
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 6041
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

61ms
61ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4836
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWVPz7saD7N6bqdnr85m4%2Bo%2B9PP7JjpfJV22cvxVuA%2Fy7eO%2F%2FZTIKunofXlAxFgVQxcsw3%2FwRP88QHJ%2B1B6bJ8hOIdoAy%2F6raKNI7pwLPfQ6j9VbBIqBTVTYLwcDi33Vfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee7178c1a0503ca-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 760F
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

61ms
61ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4837
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knjbe4%2F81c3fLJxlF8tvemwJtHaudLcaQepzVmBGjsZO8kTy7KoMhBZ6L8kUdGBbQm5qOtsbD%2Bdvz%2BoUO%2FGEeCl%2F2gALXFwrtWFn3F%2FaCvMcQod%2FiLTr%2FT%2BvUk%2FlxUecsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee717919ae803ca-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 6041 975 B
748 B 55ms
54ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4624
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtL%2FaO%2FJo3MHEAHiRlZKx8kxyrEXTMACfQro5G7zejLwldZ3lW%2Fg81xVjF5BMvXir98gNa3KuvWjIPsgX8aVNt63jsbTMA9MzPIrktaY3qEFR4yFXdujBMkoadEG5WoMBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee7178d1b6e03ca-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 6041 661 B
1 KB 541ms
257ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.8726174519745546&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:50 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
X-Adtype: html
Connection: close
Content-Length: 661

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
813 B 615ms
615ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690651849762&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1536&pt=-1114377771&tz=0&viewable=true&ddast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.6/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e40016fb5beadff3aeb102520f40031e3c64e274c40c679e41f597e6a4e5bbd

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sat, 29 Jul 2023 17:30:50 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1305
x-cache: MISS
x-served-by: cache-lis1490049-LIS
pragma: no-cache
server: nginx
x-timer: S1690651850.786465,VS0,VE570
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 219C 80 KB
27 KB 157ms
156ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

8503a0e8edb7b4ca26b986e850157b9445f023c194f025972ba3e9a78bbee77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27639
x-xss-protection: 0
server: cafe
etag: 338 / 19567 / 31076565 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:50 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ Frame 219C 386 KB
123 KB 82ms
81ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:16:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80068
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 27 Jul 2024 19:16:22 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 760F 975 B
747 B 59ms
58ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4625
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPnQllRODOazGzSp3oKy1ebuGRUvJbVv0ZjsiMUsPU5kuBIqSlxWrT1YbDVWCsJfrnalh6u3yx3YX2LgPLguLd3k%2BQjqeGk2H5q7qCDei%2BbyjAg5nnq5AD7j%2FpGOjxcVhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee717924bef03ca-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 760F 661 B
1 KB 483ms
195ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.8608519601303664&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 17:30:51 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
X-Adtype: html
Connection: close
Content-Length: 661

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 112ms
112ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=3342&cid=amp-5nlfWpJ6whHBerMzyL3wyA&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&dr=&dt=%E8%82%A1%E5%B8%82%E5%85%A7%E5%8F%83%E6%97%A9%E5%A0%B1%EF%BC%9A%E9%80%BE%E5%8D%83%E5%AE%B6%E5%85%AC%E5%8F%B8%E7%99%BC%E4%BD%88%E4%B8%89%E5%AD%A3%E5%A0%B1%203%E6%96%B0%E8%82%A1%E7%94%B3%E8%B3%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1690651845&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=8518&epn.domain_lookup_time=11&epn.tcp_connect_time=522&epn.redirect_time=0&epn.server_response_time=703&epn.page_download_time=1&epn.content_download_time=1270&epn.dom_interactive_time=1270
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307150128000/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 110ms
110ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E8%82%A1%E5%B8%82%E5%85%A7%E5%8F%83%E6%97%A9%E5%A0%B1%EF%BC%9A%E9%80%BE%E5%8D%83%E5%AE%B6%E5%85%AC%E5%8F%B8%E7%99%BC%E4%BD%88%E4%B8%89%E5%AD%A3%E5%A0%B1%203%E6%96%B0%E8%82%A1%E7%94%B3%E8%B3%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-5nlfWpJ6whHBerMzyL3wyA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=8518&dns=11&tcp=522&rrt=0&srt=703&pdt=1&clt=1270&dit=1270&a=3342&z=0.3762567355343358&gtm=45De1110&t=timing

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jul 2023 21:43:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71212
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 219C 27 KB
12 KB 142ms
141ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1325701986535597&correlator=890203463537970&eid=31072020%2C31076565&output=ldjh&gdfp_req=1&vrg=202307250102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690651850751&lmt=1690651850&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=kdq6fyhujjf9&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1453141174.1690651851&ga_sid=1690651851&ga_hid=617267911&ga_fc=false&dlt=1690651849751&idt=959

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

c0ecc94075ed6d2baca1bb3a58ebe645a0ad2bfc371f4736e0c132860f45eae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11994
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 219C 15 KB
12 KB 131ms
131ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307250102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

224a09c4f1f300f6bcfc02fa210bda58bc776ed8d78f981b9bd6c92df6d0e906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11826
x-xss-protection: 0

GET
H2 200 container.html Show response
f51d3f49a8470571c5649f9a740b70bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F23E 6 KB
3 KB 119ms
87ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f51d3f49a8470571c5649f9a740b70bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:50 GMT
expires: Sun, 28 Jul 2024 17:30:50 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 219C 17 KB
6 KB 124ms
124ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 17:30:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B801 0
0 123ms
122ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqXzcPZrasmtk_Q_angVnaDH5WlyBGrCvZo04s1WPt5nlfAjFCQrK9U2EC-BvclJwpkRnjFWdXSpsaH8DfVKO0vPLxtky3uZENrCNWeSGUB2y0rP6mit6wsg_OQIzOrek_wYk2xLPYwi-eB1u3aYlK9b8xxYhXDOCEmJeXuWn7rxNpHKFpoYAq-GYgldET-25GPMMce6YQ9XaXBB6-z-d3icJ0Wc3coWJEIDhT5oVc8sbdLnqpT5ISt7Ze0PnfjiNjrtcwUcFsdnuTETKLAahY5T93ZVy0fU5QUp771stKqz41kml9uL_GynNshh12dqwOjWd-AqesrMmN&sai=AMfl-YQx25QLiqT3R450f-PFYyR1xsZwCRRF8U7Z7m3dCZj0ikcbEDKzizu5p3l9RzWrRMgNjebKdi1j0dnUxB5n_CG3XSwnSxOMRkjIgg&sig=Cg0ArKJSzFa2wmcZwCCVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame B801 31 KB
10 KB 60ms
58ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 18:02:37 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 84493
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sat, 29 Jul 2023 18:02:37 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B801 179 KB
56 KB 101ms
100ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl.js?cb=31076565

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 821A 13 KB
5 KB 78ms
76ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 30988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:54:23 GMT
expires: Sun, 28 Jul 2024 08:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 445D 783 B
760 B 94ms
92ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

7e59e41601467b178f901f5f6340af75e70151d692c5b83d6e526c5ba71fb25f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2gMLJYDdgp6CIqSfxd-r5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-2gMLJYDdgp6CIqSfxd-r5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:51 GMT
expires: Sat, 29 Jul 2023 17:30:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame B801 80 KB
30 KB 304ms
85ms Script
application/javascript 87.248.119.251

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DHAY7H7M13SSVSYP
age: 255
x-amz-server-side-encryption: AES256
x-amz-id-2: 3mrxih0Vo8rbkP3FJy8kQYkbLIdXQaIkJ+3fjdiRHAZDV3YJBaZFXx1060L7oHpOCB5s52+HmYQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame B801 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e933afe53fef8bd8079a2e85906937e6834b0d4443e479bc3e6f087f715a76b2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A6DA 80 KB
27 KB 200ms
199ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0d73124f158869d172bfac3cf5ad17a36f06adddceb741d5fde7de96c6a14559

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27652
x-xss-protection: 0
server: cafe
etag: 454 / 19567 / 31076566 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 445D 0
0 114ms
113ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307250102&jk=1325701986535597&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 821A 37 KB
14 KB 79ms
79ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 15:29:20 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 88ms
88ms Ping
text/plain 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37q0&_p=3342&cid=914993839.1690651846&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1690651846&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fgu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html&dt=%E8%82%A1%E5%B8%82%E5%85%A7%E5%8F%83%E6%97%A9%E5%A0%B1%EF%BC%9A%E9%80%BE%E5%8D%83%E5%AE%B6%E5%85%AC%E5%8F%B8%E7%99%BC%E4%BD%88%E4%B8%89%E5%AD%A3%E5%A0%B1%203%E6%96%B0%E8%82%A1%E7%94%B3%E8%B3%BC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 821A 0
10 B 77ms
76ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C1SQhQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/ Frame A6DA 387 KB
123 KB 80ms
80ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 13:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13602
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125612
x-xss-protection: 0
server: cafe
etag: 13662757064411976442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 28 Jul 2024 13:44:09 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame B801 290 B
614 B 669ms
102ms Script
application/javascript 87.248.100.136

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 29 Jul 2023 17:30:51 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 13
x-xss-protection: 1; mode=block
x-request-id: e67466dc-8b2f-4e41-8171-f32ba68ad004

GET
H2 200 b
geo.yahoo.com/ Frame B801 43 B
832 B 285ms
91ms Image
image/gif 188.125.72.139

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:51 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A6DA 27 KB
12 KB 143ms
142ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1900208687526416&correlator=3697704765071850&eid=31076566%2C44797800&output=ldjh&gdfp_req=1&vrg=202307260102&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1690651851656&lmt=1690651851&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=x8bn3qo3zfox&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1220000986.1690651852&ga_sid=1690651852&ga_hid=1798756680&ga_fc=false&dlt=1690651850587&idt=957

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

119b295aceca02a157a525231ed5d62e8a32a1869c297c01a65db52c276e6f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11992
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A6DA 15 KB
11 KB 128ms
127ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307260102&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f4243fe40a7e865634b99021089593d9497748635292ea716c07e725fe2708b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11674
x-xss-protection: 0

GET
H2 200 container.html
882512478141f5c80841a20b1c5d3b55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD75 6 KB
0 132ms
86ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://882512478141f5c80841a20b1c5d3b55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:51 GMT
expires: Sun, 28 Jul 2024 17:30:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A6DA 17 KB
6 KB 91ms
91ms Script
text/javascript 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 17:30:51 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6727 0
0 118ms
117ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGxAbrLCG4VfuMqMFz0wPiCNwPCSpkfUmjM_LQ1iLMso0STKknOpey4ydfV7sY5GDPqb1WJxgAwjcwCDBYE1YiAUo5YQNWmy7b0K-TRubg1ZAvenf4VuRX7fyi4TqvSGCRxjArSnf8lRBaEfXgpUUuv_MtB-V5ixyRsnbVbRescqd6l7hsTmWfY6S6Bn6BrTOVa-uWEkHqB2fW3Bh6RM8WoTTYBLiGK9QmAfXpfLKIBAio_UJ7WnBE7_rUAvFX3P2d-hYwrtbb-xIdqSyT3SaJ8A1gBosnAJ9fLnCv_mw9jRy7-mb5Jg7l3rTVZ0idtnCrhlZ7HyHI7LhS&sai=AMfl-YS3gzuKz0Nf4lQH46ARd6p5kYmtnREIbISTpawDCqIcclzEIabWm2IsqROZKA_IXZJMjYVWOPpGMnBeD0FakmAKJj--VxGIYvfifg&sig=Cg0ArKJSzBJdbsbiGeZqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/gu-shi-nei-can-zao-bao-yu-qian-jia-gong-si-fa-bu-san-ji-bao-3xin-gu-shen-gou.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 6727 31 KB
10 KB 56ms
55ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:52:31 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 2300
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Sun, 30 Jul 2023 16:52:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6727 179 KB
56 KB 95ms
94ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307260102/pubads_impl.js?cb=31076566

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 17:30:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3040 13 KB
5 KB 80ms
77ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 30988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 08:54:23 GMT
expires: Sun, 28 Jul 2024 08:54:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A50 783 B
535 B 90ms
88ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

dd6c1fb39ed4d50b2c4820b795f3a6413c39fdd012ad8348d9b8c3eb1d4e8868

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TcaPC04R4wkrcDzsnBZKQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-TcaPC04R4wkrcDzsnBZKQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 17:30:51 GMT
expires: Sat, 29 Jul 2023 17:30:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 219C 0
0 118ms
117ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307250102&jk=1325701986535597&bg=!4OOl47fNAAZGOVy5Zjk7ADkAdvg8WtN7D-zS4kCh_mVKA28Mpui85mk2YKs83ERy0zC9p0gwCj9ttapnWRDrQZCfp5SY5HgNRRQCAAAAclIAAAAaaAEHCgCVE5hHIwtZlnwGr7J2VsO9K3b5veQhTUCOysoZwj7f58JGXU0i1qHgLeWPkxg_3S_iTrRT1X0X0DwArjgC8acWk0H-YjxNr_ZwLCJxLiAEZDmp4IkkF5MP6En5r-qW6udUk8z5t99Nqp8Mzj9TLpW13JbeIPqKk0UFvUtv_lFs-oavL6RNOHSFVdWKa-BXsKXWuXMCmZ2ZAu3xOXacve0mVC9zlUS0fXdWmcVQeVLmGybhzTY6jDU7iVZaJOv2hzzBNd39_LO8h77Y_W54IdZDVGrnpP_0Ii_9YLU83UUx0mgrfqOM08XmqoOxkUU1TcvQxscNC-NLSSPJ2NoHRSTVcnK5LZyzdkLVivt229AXTyDYLrwvkV1kUh47b0DuTZ6F9DrfhLmPbclSaagUk0Br-760lY1AuDU-bo8HVRrKGBVpV0Un-hh9hf5TCLpp37WADGOrrmGEd0v1_LDbY62rhaNiieXOhRbgYE2lJbU6rHtS0OKTRXxc0M6i5PsnEMLzXLQdcS28P6ccAf6hJazZdOReISoHg6RfWyCn5OT_wN9LHqtCUMN78A9jBL4noVZayWO3OnWQtfs_tsLC9ZrJxHBZ1rvWpluh21eeT1pI9WVW1UVqKlzhKc4hNyO48Hbh8mVBORMeI8ESI01Q1C3nPNBk6iqwpIzxBaFy3HEMvknQr7wgwlkSjjxCLwt6os34wiDygZvGOFxrwiPKrgQB-P5I6XJf2l88CaTGroKbIjC6Zr8LycjWnjlNpUdIU7vcEirVPMoEUPFrCuOtl_hZHPwuAKU6dd21Xf7mAJTSjfB42lJcKLNp0omGEZYpj1MAg7u3rRofRm0aOTNVCSr_yLv1KX_Uy7jiVOVuMUWhUbfl1v6PynUpH6GewsMbyTW9b9v-qg8iBflcl1hwT3R1KUDF0ltV5Y3k9Fr1L8_kzcibmOU6E8Sn7ng3ofusajoNHRMmUiekx9UhABQqU0WfvQx3dZYZqGDK_uXg2-HfETCauWIzOIAXYq7xDEAGL4E9H6kPqGmk9h44R00ELGgLvurviKgHGN9-UD1YTSHCTDkm2Bcelzj5CL1VlhGbZhh-MOOy12Hzn4MlIcsBE74-L186G1_km2ADOfoYktFwu-3CucPPFWHnoVr2nA0qxfr2tsg8qIQaagdtdoWWpvQ6NHz0K_8mOvWYTS0XgopsPojA96lvQA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 6727 80 KB
30 KB 85ms
85ms Script
application/javascript 87.248.119.251

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: DHAY7H7M13SSVSYP
age: 256
x-amz-server-side-encryption: AES256
x-amz-id-2: 3mrxih0Vo8rbkP3FJy8kQYkbLIdXQaIkJ+3fjdiRHAZDV3YJBaZFXx1060L7oHpOCB5s52+HmYQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 6727 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c146d8cb7b94a6117aa81c3d50510eab66b1d5bde3803d69db0f0ef0f08618cc

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 3040 37 KB
14 KB 81ms
80ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 15:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jul 2024 15:29:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A50 0
0 112ms
111ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307260102&jk=1900208687526416&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 6727 290 B
382 B 104ms
100ms Script
application/javascript 87.248.100.136

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 29 Jul 2023 17:30:52 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: 431e98c3-5e9d-4ea3-bf4b-04109edd3ad3

GET
H2 200 b
geo.yahoo.com/ Frame 6727 43 B
460 B 92ms
89ms Image
image/gif 188.125.72.139

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 17:30:52 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame B801
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

65ms
64ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4839
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbLR29RtwSARWXL4O3aAjbl7OyptIrp7NM1Bco86ufp%2B2n%2BljM1w8pSc1%2Bm72BAAjjDeWI1dzR%2FWpdiLa7Lr%2B1OzDe32nPaNWjscQ6F2yVF4vwjOfrVZanLbmWGZtuH4ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee7179f29ae03ca-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 6727
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

65ms
64ms

Script
application/octet-stream

172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4839
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDyo3LpKRErWgZAhynYC5rQDEvtN519sSuJ%2FWQtufRnc%2B4TttPnlCWN%2Fh0PZadHmi0KM%2FMqrMfGZ6%2Bt1AxtHhJ6xrPI4RzluKKc0OcEp1xx4A7Nw%2Fp%2FclUcKrAscBtotEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7ee7179f7a5903ca-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3040 0
10 B 77ms
76ms Image
text/plain 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uJm9sw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B801 975 B
755 B 60ms
59ms Stylesheet
text/css 172.67.71.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 17:30:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4627
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlSbtYuTBLXuc8p%2Fv4PhZLHyYDvFVBtJBJkcH%2Fn7Ax26oDvX8SjMatnn%2BGPtjxKYtNAjjf6YpDw1%2BmPryMNKF6xFvgc0pfe%2BxIJqqoiq%2BdPLD2SicjNMlC5Fgd%2Bp3%2BQYaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ee7179f9a9603ca-LIS

GET ad_request
ads.aralego.com/ Frame B801 0
0

GET ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 6727 0
0

GET ad_request
ads.aralego.com/ Frame 6727 0
0

POST VideoBidRequestHandlerServlet
am-wf.taboola.com/ 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame B801 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202010/8102ff7498d694308650b8e32209bdee.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202009/a37a1b86533f9cad01634528de17bca5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/74af13d27cbc899737b150a3038366d6.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/5f147d754c2b8edc7a92e1759bab005a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/237e701c00d190b3c7b57f2d8b879640.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/ab590ddf5b66a5513fcc8123c2c1e975.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/f838ba6a47edc3ea09c423b729a379a7.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/7bf4404b71ee7c0a81616de264d01f70.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/c47b877cea0e049ae9d40b15b38b2001.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/03c0643260c6b2142a3d197f34dc2a77.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/2aa7e867fe57c85dacc04c209ea8dbf5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/8541178c3ca937158e29d7745cc190ab.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/c0bc1f8a57091cf87b2982c102433681.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/4942f61bf27bfd425e8ed9b016486b39.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202010/edcbd95964e84c7e32ef373d01a6ad01.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/bbe3a0498ff16ae4faa34bf6756ac0a2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/2fffd95c071a5a1320a9111e1a877b8f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/b53f20cee87c757227fbd1b71316e65a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/169022c8bdbee07d5fee6b97daa46b64.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/aa80f7f127fa3fcf47984e3d121af44b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/b733f325ea8316cc35e67a5abbafec8e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/a8e428f0410e1993477ab3ce1cf11680.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/32b62c86076dc609e209de63878a3359.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/182452880dc6e982041875f1d8cc24f9.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202010/0145c546e8ee66a7daadc1151c82db23.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/0def4cbe4e0229295ce7a2d99ee0fefa.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/feed5cd7b7c5fd3abf69d9f5bf540871.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/169022c8bdbee07d5fee6b97daa46b64.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/38efb55856cf88147b448869b3341365.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202011/5754ec3808c383604764932a35616e10.jpg?w=150&h=100&q=100

Domain: ads.aralego.com
URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.22398953173867153&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0

Domain: cdn.aralego.net
URL: https://cdn.aralego.net/css/dev/ucfad-formats.css

Domain: ads.aralego.com
URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.2327645084165051&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0

Domain: am-wf.taboola.com
URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=165757&tagid=946347&crid=-1&noaop=3&sortOrderType=0&cb=1690651852768&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1536&pt=-1114377771&tz=0&viewable=true&ddast=V8ABsCLAYUyNOHK86ifhMokKcPV5xF_S4AAABgYID-AAltTJPVyjRay3wjh1u0Go3cysHIuJYMVybDaOJcTAwLIyChjWmyWplGa5lv5HCLVqORWzkYGdeS4cpkGE2ci4lhYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZmaDodPte9Xvf73SU-z1zj9yv8Otdbc3S65S6nW-Owu6UPv1vi8LuVr7fi6bC7pU6HW-e3-9yap1vmcEtcb83D7pY63RKH360ZPu1uneutObrsbp3fdRea3mY7AAAAAHjw____DwEAAAAgAgAAAIAEAAAAAAoBFf4tCFwAAAAAwPD___-vAUBsg0ATyYEAXneXPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAAA0ZMnGdkvGQ5aZSEFvEUYAAAAAtprNh49M0gkqFlX-___7rQBcAQAISBSdFffKojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD-aIEozszRCk6PXan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PSK4WM99u5LBYZpPRaDOymFwmm2PhcFgsLsNsOdme-ZguOP55f-I-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMGRZ7ZYri8mt2pgsa9FsMVoLBxuXW7WbTWbG4caymxnWotfHdLG4TJbRaosEA9j2InlapBPlymJYzSwjl2Nm2ExmNuPEMVt5ljPjyjCabSa7iViiOVmkE9ll31wtZr7dyGGxzCaj0WZkMblMNsfC4bBYXIbZcrIvWVa75cpicqs2JstaNFuM1sLBxuVW7WaTmXG4sexmhrXo9TFdLC6TZbTaN2bLwWy1GI5W-8ZsOZitFsPRat-hM3xXn7NRWVZJPib1RH3tGm5Og8JlsHjX6tNZWBQerNFw0emSiI-dndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYoFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4da635uh0y11Ot8Zhd0sffrfE4XcrX2_F02F3S50Ot85v97k1T7fM4Za43pqH3S11uiUOv1szfNrdOtdbc3TZ3Tq_6y40vc0WsURwukgnopfxdFH_kUMu5pLBai7ZDOaK5WqVAAAAAAAAAAAswSTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAk2kuP____9xAAAAZOTQAwAAoN8HNBW3XuiBK8WvICaT2WL_AFSItVqtbjfWarUA!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMFWI5juVjQgvzufA5d_tEHGokWRs85H7fXACUslQK_bgRCSSFXQmRbkhD2uLTlA5xgswpWiulvlsY8QT-n4KeMc8fXzvcPH5KqiF0nJ9jg5nKxUqhKJr7E3CNwltzwEyHReeVy58uBrURzhegsUoYAGl-59kVrNVrTLipaeLXYXHEXeCRY8FVcFwTyN9DoOPx7fjCB6D4YrLflRJ4xM_SuleptGKZhwN4uOP-IZKn5ZVjSc6EQnrl6PU0unvb2gPhnSTwQLfB4m1p9lK0jbP-J7AQF7K7ZXxIe2WY-h7B9d-poQHwA8aelq1fOjisTcl_Dn1T8FdS57QfVuA&sai=AMfl-YQydqq2pnyfTmCqhNMRzYhs0_M5l3xdMcTdh7c970UTqq3MOQEGILPSMir9iD3na33PDWk7oy82DDc-usnz6iq5WisQDA13wWdvHA&sig=Cg0ArKJSzBh8k6Oow7kPEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/palmate-bg3co/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_951f77dab262443dbdedf1aaabbe0692_d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245_1690651845_1690651845_CNawjgYQ2YJdGIzDz5WaMSABKAEwZziY0QpA548QSKDx1gNQ____________AVgAYABosa_ptcr9986tAXAB
cdn.taboola.com/	1970-01-20 13:37:42	Name: abLdr Value: 32
.aralego.com/	1970-01-20 22:23:07	Name: sspid Value: f7625b99-7ca4-3c1a-b239-e2d79e12e9bd
.quantserve.com/	1970-01-20 23:07:46	Name: mc Value: 64c54cc4-dbced-531a4-eb94e
.bg3.co/	1970-01-20 23:02:00	Name: __qca Value: P0-108744081-1690651844560
.aralego.com/	1970-01-20 22:23:07	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:23:07	Name: gdpr Value: 1
.taboola.com/	1970-01-20 22:23:07	Name: t_gid Value: d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245
www.bg3.co/	1970-01-20 22:23:07	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Dd2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245
.bg3.co/	1970-01-20 23:13:31	Name: _ga Value: GA1.1.914993839.1690651846
.bg3.co/	1970-01-20 23:13:31	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1690651846.1.0.1690651846.0.0.0
.bg3.co/	1970-01-20 22:59:07	Name: __gads Value: ID=cef818d2386f062f-226bbf5010e300dd:T=1690651846:RT=1690651846:S=ALNI_MbK6bAdRSgdMM1SSNa_AciaLdfP5A
.bg3.co/	1970-01-20 22:59:07	Name: __gpi Value: UID=00000d2a53a7a912:T=1690651846:RT=1690651846:S=ALNI_MZ6-0XUfmNx2-ARldZAlvyW72oScw
.www.bg3.co/	1970-01-20 14:20:43	Name: _im_vid Value: 01H6HB7SW6859CBKVR7SNR817V
.doubleclick.net/	1970-01-20 23:13:31	Name: IDE Value: AHWqTUnl3NgKtzw4LQ5ZEK4jMEmHeNqo3EC2qCgEOakIwKu45Aq4V2bNFjXnMwlSayA
.rubiconproject.com/	1970-01-20 22:23:07	Name: khaos Value: LKOAGHLT-1V-7X9O
.adsrvr.org/	1970-01-20 22:24:34	Name: TDID Value: e04058f0-3126-4147-a97d-dbb346b06cf4
.analytics.yahoo.com/	1970-01-20 22:23:07	Name: IDSYNC Value: 19cx~2d1t
.yahoo.com/	1970-01-20 22:23:29	Name: A3 Value: d=AQABBMZMxWQCEIG_EVnz27NjzhwVq8OFv3EFEgEBAQGexmTPZFkWyyMA_eMAAA&S=AQAAAi9USoL31_0FG91U8DU5BE4
.amazon-adsystem.com/	1970-01-20 23:13:31	Name: ad-privacy Value: 0
.linkedin.com/	1970-01-20 22:23:07	Name: bcookie Value: "v=2&9b645351-d36c-493e-8f89-8963b1394ae0"
.linkedin.com/	1970-01-20 13:38:58	Name: lidc Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2970:u=1:x=1:i=1690651847:t=1690738247:v=2:sig=AQFWSAfoLpY1HdW7zqPJ0O5rHG2uar7m"
.amazon-adsystem.com/	1970-01-20 19:33:12	Name: ad-id Value: AzYfX2bek0oHqvtxxvqlNS8
.openx.net/	1970-01-20 22:23:07	Name: i Value: a41892dd-c11b-4bc6-bdee-27774abe8f89\|1690651847
.adsrvr.org/	1970-01-20 22:24:34	Name: TDCPM Value: CAEYASABKAIyCwi816HwiJmIPBAFOAFaBzA1NGYzMm9gAg..
.bidswitch.net/	1970-01-20 22:23:07	Name: c Value: 1690651847
.bidswitch.net/	1970-01-20 22:23:07	Name: tuuid_lu Value: 1690651847
.smartadserver.com/	1970-01-20 23:09:12	Name: pid Value: 1859822935316937370
.smartadserver.com/	1970-01-20 23:09:12	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 22:24:34	Name: csync Value: 107:d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245
.lijit.com/	1970-01-20 22:23:07	Name: ljt_reader Value: HEA6sQZHHbGvXq8jRoKtEK9g
.adscale.de/	1970-01-20 22:19:47	Name: uu Value: aec08a92eb8441489479e29a0cd04f62
.contextweb.com/	1970-01-20 22:15:55	Name: V Value: LsZHBLAIcoff
.contextweb.com/	1970-01-20 22:23:07	Name: pb_rtb_ev Value: 3-1lzo\|5Ql.0.d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 832908bf9837115b
.lijit.com/	1970-01-20 22:23:07	Name: _ljtrtb_42 Value: d2579ebd-5cd2-4614-80ce-5762f88c27f0-tuctbbed245
.bidswitch.net/	1970-01-20 22:23:07	Name: tuuid Value: c587b829-87b4-497c-a7d1-6bdaf41d6dbc
.adscale.de/	1970-01-20 22:19:47	Name: cct Value: 1690651847967
.3lift.com/	1970-01-20 15:47:07	Name: tluid Value: 1824599669949979100874
.criteo.com/	1970-01-20 22:59:07	Name: uid Value: edf31e10-7f5a-466f-a143-8a89eab4e0e4
.adx.opera.com/	1970-01-20 22:23:07	Name: UID Value: OPUb809458b93a0401191fc6eae629e7b5c
.mfadsrvr.com/	1970-01-20 23:13:31	Name: c Value: 1690651848
.mfadsrvr.com/	1970-01-20 23:13:31	Name: tuuid_lu Value: 1690651848
sync.srv.stackadapt.com/	1970-01-20 22:23:07	Name: sa-user-id Value: s%3A0-89b271a5-9f89-5b1a-4a48-7f076a08df84.lOx5k9dsDD86jWWvqZR%2BvZPsHJ2vfSa8uIGy2HpXe24
.srv.stackadapt.com/	1970-01-20 22:23:07	Name: sa-user-id Value: s%3A0-89b271a5-9f89-5b1a-4a48-7f076a08df84.lOx5k9dsDD86jWWvqZR%2BvZPsHJ2vfSa8uIGy2HpXe24
sync.srv.stackadapt.com/	1970-01-20 22:23:07	Name: sa-user-id-v2 Value: s%3AibJxpZ-JWxpKSH8HagjfhFvN5sM.pggWv8CKOwbxR4GD5%2F46aqA09MahTaDrXQij12R5MA8
.srv.stackadapt.com/	1970-01-20 22:23:07	Name: sa-user-id-v2 Value: s%3AibJxpZ-JWxpKSH8HagjfhFvN5sM.pggWv8CKOwbxR4GD5%2F46aqA09MahTaDrXQij12R5MA8
sync.srv.stackadapt.com/	1970-01-20 22:23:07	Name: sa-user-id-v3 Value: s%3AAQAKIMUxcEjstsY0pNEFcvgXe-dyHuxbYAlo1XESRibKtWraEHwYBCDImZWmBjABOgTwi70wQgQ7zIzB.%2F0t38GPai08DlGoT7Is7Jr9cgCOPBWvZczFw6AkTU%2Fk
.srv.stackadapt.com/	1970-01-20 22:23:07	Name: sa-user-id-v3 Value: s%3AAQAKIMUxcEjstsY0pNEFcvgXe-dyHuxbYAlo1XESRibKtWraEHwYBCDImZWmBjABOgTwi70wQgQ7zIzB.%2F0t38GPai08DlGoT7Is7Jr9cgCOPBWvZczFw6AkTU%2Fk
.adform.net/	1970-01-20 14:22:10	Name: C Value: 1
.adform.net/	1970-01-20 15:03:55	Name: uid Value: 5289276431343242664
.mfadsrvr.com/	1970-01-20 23:13:31	Name: tuuid Value: 93aa9c63-763a-4f06-9f8f-26d2f37e4243
.mfadsrvr.com/	1970-01-20 23:13:31	Name: ssh Value: !bidswitch,1690651848
.id5-sync.com/	1970-01-20 13:37:32	Name: cf Value:
.id5-sync.com/	1970-01-20 13:37:32	Name: cip Value:
.id5-sync.com/	1970-01-20 13:37:32	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:37:32	Name: car Value:
.id5-sync.com/	1970-01-20 13:37:32	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:37:32	Name: callback Value:
.rubiconproject.com/	1970-01-20 22:23:07	Name: audit Value: 1\|RF9wucTPkYnXjeRMn7nr3frF00VWqQqzeDoidax2TzBgQ4KuYdtRFpsuVZ9n25CglwQLRgcIlV/qFTrNE4+z9kqVaHlG5Slg/Vtt7hKIOSQ=

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202009/a37a1b86533f9cad01634528de17bca5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/03c0643260c6b2142a3d197f34dc2a77.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/237e701c00d190b3c7b57f2d8b879640.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/ab590ddf5b66a5513fcc8123c2c1e975.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/2aa7e867fe57c85dacc04c209ea8dbf5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/f838ba6a47edc3ea09c423b729a379a7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/7bf4404b71ee7c0a81616de264d01f70.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/c47b877cea0e049ae9d40b15b38b2001.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202010/8102ff7498d694308650b8e32209bdee.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/74af13d27cbc899737b150a3038366d6.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/5f147d754c2b8edc7a92e1759bab005a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/b733f325ea8316cc35e67a5abbafec8e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/4942f61bf27bfd425e8ed9b016486b39.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/182452880dc6e982041875f1d8cc24f9.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/2fffd95c071a5a1320a9111e1a877b8f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202010/edcbd95964e84c7e32ef373d01a6ad01.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/bbe3a0498ff16ae4faa34bf6756ac0a2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/8541178c3ca937158e29d7745cc190ab.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/c0bc1f8a57091cf87b2982c102433681.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/169022c8bdbee07d5fee6b97daa46b64.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/0def4cbe4e0229295ce7a2d99ee0fefa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/aa80f7f127fa3fcf47984e3d121af44b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202010/0145c546e8ee66a7daadc1151c82db23.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/a8e428f0410e1993477ab3ce1cf11680.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/169022c8bdbee07d5fee6b97daa46b64.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/feed5cd7b7c5fd3abf69d9f5bf540871.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/b53f20cee87c757227fbd1b71316e65a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/32b62c86076dc609e209de63878a3359.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/5754ec3808c383604764932a35616e10.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202011/38efb55856cf88147b448869b3341365.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvZ3Utc2hpLW5laS1jYW4temFvLWJhby15dS1xaWFuLWppYS1nb25nLXNpLWZhLWJ1LXNhbi1qaS1iYW8tM3hpbi1ndS1zaGVuLWdvdS5odG1s.json Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

882512478141f5c80841a20b1c5d3b55.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adx.holmesmind.com
aea27087672024348e5c27a97646f1ec.safeframe.googlesyndication.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
bh.contextweb.com
c1.adform.net
c860ad800c2e5b518eaa71d8b6181e7d.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
d-35970974683141977892.ampproject.net
delivery.adrecover.com
dis.criteo.com
dmp.im-apps.net
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
f51d3f49a8470571c5649f9a740b70bd.safeframe.googlesyndication.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
ih.adscale.de
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsrvr.org
match.taboola.com
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
static.bg3.co
stats.g.doubleclick.net
sync-t1.taboola.com
sync.aralego.com
sync.logly.co.jp
sync.srv.stackadapt.com
sync.taboola.com
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
trace.mediago.io
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.aralego.com
am-wf.taboola.com
cdn.aralego.net
securepubads.g.doubleclick.net
static.bg3.co
103.231.174.251
108.138.7.64
108.177.15.156
124.146.215.52
13.107.42.14
13.248.245.213
141.226.224.32
141.226.228.48
141.95.33.111
142.250.181.226
142.250.185.174
142.250.185.195
142.250.186.129
142.250.186.136
142.250.186.138
142.250.186.164
142.250.186.34
142.250.186.98
142.250.74.194
151.101.193.44
162.210.196.208
172.64.102.25
172.67.71.254
178.250.1.11
178.250.1.9
18.195.209.186
18.66.97.81
185.106.33.48
185.86.138.151
185.86.138.155
188.125.72.139
192.96.203.13
198.47.127.205
2.16.238.154
2.19.126.212
2.23.209.46
208.93.169.131
216.52.2.86
216.58.206.33
23.201.255.110
23.97.225.52
3.122.169.238
3.124.175.54
3.33.220.150
3.71.149.231
34.120.96.193
34.98.64.218
35.186.215.140
35.208.249.213
37.157.5.132
52.198.195.5
52.199.103.74
52.212.161.120
52.46.143.56
52.95.125.22
54.166.70.66
69.16.175.10
69.173.144.138
69.173.144.139
69.173.151.100
69.173.158.64
82.145.213.8
87.248.100.136
87.248.119.251
91.228.74.208
95.101.149.233
99.86.91.21
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
086eefc5c8c997cd6ad6fa4cef08d87d8e4479508b06f30930aa65d08ad2cee4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d52e28e2f00236047c1ae1e1b2b9cbf80687d8df9fa6c825bf4caaa526eabd4
0d73124f158869d172bfac3cf5ad17a36f06adddceb741d5fde7de96c6a14559
0e3d8fefb06a49434922a615f2f6fc7693bf2d59c6cfca15aabb91a8f9aca7c1
0f82b62ca70834fa28f5e86b2ff59f8a4b7fc58beff1c711b0fa922c0afe484b
119b295aceca02a157a525231ed5d62e8a32a1869c297c01a65db52c276e6f40
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
13b01783a067f21e1a92d8fa559aa25c7f7bb60b7911dfa994efba7cc9e9d1d4
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14998d6b3082e2e28f05d32c0f0c3b8c1900440fe8943f9a674e2943d76e619d
15f61004f23b5aa4062a153470d2f821fe32600184e308996dafa51d2c9a018a
16ca4436ccbc7b885da06df96924689c3992e5f46c34810546c061e9f638c3d0
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19a95ba9c933d2d3798025717a189d2f87680fc882f2fb956b272b59fe97d706
1b6b50ba1f243d0deba4fe069238c64a2749fae0cd155e52b6acefd727867f9d
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c115e258474a046366a658e6c9276df7aff2e66bc62128507ff10cebdc240d3
1ed5dd7dd7b1a21a60412715733d5f31958b50ad92ba73cd7230ec7b027c6631
1fa0616a1df4a0404c8640f675de1f19aefdb9be8fd52a889683cc9f7d888318
224a09c4f1f300f6bcfc02fa210bda58bc776ed8d78f981b9bd6c92df6d0e906
226047b6df5b3d94b3177a2d35e39b8814c03acfb95e61eccea40c5eb81328bc
25819806306e004466ba636da8f882fe765109db694fee412567de2be14cb7d1
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2effa9fe0c49492b8c8f9192ae68f285deb604d7cee78f8f988a07d906c14be5
30440c593b86740ded122b76696292c5cdfc0cd98f9703bc15baf1e1bd191b53
3399f420033012474878b71491e61a5d8c7bbf3a0c7303b4cb1559ad589c078a
354870399cd25b9a3e2d93b89ab95c7d37b034d9a813a3508eebeba38b09330b
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
391add0d2045e77baa1b849271fcdfafdda692ea202619fcba7aa38d96cac4a5
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4305f203273c193fd656b6e62ea1a75060666705e4402dc1bc155d9cfeca36f3
43a83648821763999517a452b242cd9dc3f25c9278aa8be1e242fd5c1b048e7e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c00b1f7c446fc317cd611aa4a378e6c94af7c33575b4479e6a675f55a0531c8
4c99948876232f9342173ab2cc8a570113d4433f91eb2a1a5325dcb43a9bf2aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa81ed537edbb96ee9bd8710e48e41ecce0cd6b93cda231e0f149922a06742f
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d276379c74a84f2a492dffd42961f41b243e4e938eef6d3125375cb91709de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b4da79f3aa123f125cf4d281721b97f6aeb2a559c8b0f8bc422270fe9de9c7
5770d0ab0f132c17e357c960ca4e6e0c48ea1cdb4136c2b032c84d99cffa40ef
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
6147a8eee698b1a1124a8b4b1c97610b761e5480667f18829a6267cfbc568efb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ca2b9408c3837e5386581f99ab60add56e670c4e760a95f5133d4222cfae3e
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
63d1ecb3c8e8c575f590350095044e93dd12be127db55252f1b99ca061667b2e
67ac0415a2ee5a9c2dbb0b606a0e514df6c9d2bc6c79f26684803f038105ec6d
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a80566a14ad0c9ed05a4dca600dd0dcd7779caef2e98226cca37fbe89526d3a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6b7b697c7c0a33c4c3f6dcef6d0274423f80f8199ea8ca9e81c2f946e6acb626
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ffcee19796223d59284ced661c18b62756a28ab869bc2cdb3d82ac583c7a2d2
702f62f45002af0aa9f18c52a8467098c0a4129318113771b8beb7a8ce2ea594
79630e2cf497fcaebf344b9a92318751eb38fa19331fd95a0b8ac6ac5926cba1
7d8a0b440d7068d5cb52547946da570da8238088d744ce73cbd6129b87200a12
7e59e41601467b178f901f5f6340af75e70151d692c5b83d6e526c5ba71fb25f
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
81c269c9d8d026a098f58eeae9379b11f1af264f374a0685cba7ce06aa92900d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
8503a0e8edb7b4ca26b986e850157b9445f023c194f025972ba3e9a78bbee77f
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87dd32da153bed0ca923e497d4f97a42a3804fa279836f7bce61347c8cce0476
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d3d78bbb6c98e400d472a83afba12fdc2409166060f8d9be906bfd2faa7b9a7
8e40016fb5beadff3aeb102520f40031e3c64e274c40c679e41f597e6a4e5bbd
91bf1a6cedc2b670e224abf867b580ebeee8076263c665b53d6c4aed3e37acfe
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
98e6148a24faebb929a0138d6d686d44d5eedc6a33d9415eb0a0f803485bc656
9ac13a3b749d313c0d9735b75c2f13090f88ad739e9cb6a5846cfe3355ce29ce
9d591964c345f34292efaa1f04ba93f3dbaf7c0557e3fe66f98a820810098a0b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
ab873a1935fe2a7306b43cae0eadfa589cd9f896887576d98ef1ca5a9c4e7e5f
acf8a82dfd083c657e5c87f7642ecff486f8520972d35bf2a0e42abe5712a827
aecbcd81ab4ba067ecfc856682cb5d34b2249db6564ae0e4f3f23422b734dc31
b031de3df41b8270548e7ef1e786892ff7d876ede2cd02e355b9cea2b9f63bf7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b750900b775914263120999b2cc2b11394ea45f6d9ef5478329e3d1d69b17e60
b8a6b67b95245dbbe4fddb8aa4395636d755750b2affdf62f2256bc5cc3b2b93
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc3dcb4607fcf860f3b04077f02155d90001cec4df1af09acab0fda30a0ebc39
bc5b34533f5015268f5c11541c4406b4612c36a7c8ed576c92a2afb49e97dafc
bd110b4002f47a83a112825349eae1f0198cf7e339fd26b633fc8146ae479daf
be6b618c74dfcfa339308889a40d80c33f5e893e871838f3e2fa071402371c3f
bf11d82fbedf5fdab3b712e64c5f3a5e702cd72f2163601e7bf05b1eded0ea23
c0ecc94075ed6d2baca1bb3a58ebe645a0ad2bfc371f4736e0c132860f45eae2
c146d8cb7b94a6117aa81c3d50510eab66b1d5bde3803d69db0f0ef0f08618cc
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36b2a6e516f95a7565daca995489c486f3af12e10cc2feb19c3b53b83cefff5
c3e5aa1b802f28e02cc30d7af3a93b0486acd6d760a0f37b9d6d8062d8fc78e2
c489134cd8282e379ab7e6aa10e0292038bd696b17554fd03251b59d1a840bdd
c79f9e40a1865d23a006f20b91589717498e85c11abbc3ed5b3bc5f1645075fc
c84430c2d70c668223e7ecf851361ce191f98c4647a84ef17fb1a15f38b933c0
c9eb6c80b3ac7c6046303f445441f326bf1ffe2b86dc42816a092f110fe4fcf7
cfb99c717c3b8c261e25756ba22ee4e89ef6892ab38f6755699749b4156de1a2
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d9409221c7a9c028fd08ad871c80319f44d59cb703c1dfc28e2f11deb89029cd
dd6c1fb39ed4d50b2c4820b795f3a6413c39fdd012ad8348d9b8c3eb1d4e8868
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72ddceb4ffc4294fc6b71ee771f423c143eb1ac9cc81dcd46c915c8c382f37d
e933afe53fef8bd8079a2e85906937e6834b0d4443e479bc3e6f087f715a76b2
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eb9ef422344eb7e94e5a7976065ed4b76f187809db60c0523aad70903f761020
ed3123055622b820d3f418f26f64826be362b3992b167dac9cdbf4bafc2b2589
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3631374462518355dc08a93da5b37992dd1b0537da5756ca5308c559ab562ec
f3bd5682d8b393cf8879ddb8bb022f5b8efc97ea4df6bb9d0d36e74b748789a3
f4243fe40a7e865634b99021089593d9497748635292ea716c07e725fe2708b2
f4c557c95855835a07b591d52282cf17f1a94a1bf3f93e496dfce6994a14b01e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9d00ff1db8ca02bd10ea2ccb48cef106fb5f8bd2b23d276a8877ae87f36d6ac
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

306 Requests

76 %HTTPS

0 %IPv6

47 Domains

90 Subdomains

55 IPs

11 Countries

3726 kBTransfer

11022 kBSize

60 Cookies

23 Outgoing links

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

76 %
HTTPS

0 %
IPv6

47
Domains

90
Subdomains

55
IPs

11
Countries

3726 kB
Transfer

11022 kB
Size

60
Cookies

306 HTTP transactions
3 data transactions