www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Submission: On August 03 via manual (August 3rd 2023, 1:02:55 pm UTC) from US — Scanned from PT

Summary HTTP 291 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 53 IPs in 10 countries across 35 domains to perform 291 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
4 11	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
10	104.26.4.103 104.26.4.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	193.108.153.16 193.108.153.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	193.108.153.18 193.108.153.18	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
39	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	52.68.208.5 52.68.208.5	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
27	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
33	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 3	91.228.74.168 91.228.74.168	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
1	172.64.164.28 172.64.164.28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.36.163.132 23.36.163.132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.64 108.138.7.64	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.168 142.250.186.168	15169 (GOOGLE) (GOOGLE)
6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
3 3	23.218.164.71 23.218.164.71	16625 (AKAMAI-AS) (AKAMAI-AS)
8	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.97.52 18.66.97.52	16509 (AMAZON-02) (AMAZON-02)
1	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	54.73.141.177 54.73.141.177	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.74.222.51 35.74.222.51	16509 (AMAZON-02) (AMAZON-02)
2	54.84.85.230 54.84.85.230	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
18	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	18.66.97.113 18.66.97.113	16509 (AMAZON-02) (AMAZON-02)
1 6	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
6	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
1	18.196.122.173 18.196.122.173	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	34.96.71.22 34.96.71.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
2	87.248.119.252 87.248.119.252	203220 (YAHOO-DEB) (YAHOO-DEB)
2	87.248.100.136 87.248.100.136	() ()
2	188.125.72.139 188.125.72.139	() ()
291	53

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.96.203.13 (Manassas, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.4.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.108.153.16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-16.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.108.153.18 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-18.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.68.208.5 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-208-5.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f131.1e100.net

d-3990198761571930581.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.228.74.168 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.164.28 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.163.132 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-132.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-64.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.164.71 (Munich, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-164-71.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.73.141.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.74.222.51 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-222-51.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.85.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-85-230.compute-1.amazonaws.com

ioms.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

bb6ad35fab43e09d032d512ce4e9a92d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8c205996eb486360c550377b1304b471.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9a872fb22e3fb1e24f0e55f1f7c5439e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
06d0fc9c781a51dc51076a2163e623f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f129.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-113.fra56.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.122.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-122-173.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.71.22 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com

s.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.136 (None, )

ASN- ()

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (None, )

ASN- ()

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 861 trc.taboola.com — Cisco Umbrella Rank: 616 vidstat.taboola.com — Cisco Umbrella Rank: 2544 il-trc-events.taboola.com — Cisco Umbrella Rank: 18940 images.taboola.com — Cisco Umbrella Rank: 1756 imprammp.taboola.com — Cisco Umbrella Rank: 13588 am-match.taboola.com — Cisco Umbrella Rank: 13614 am-vid-events.taboola.com — Cisco Umbrella Rank: 12767 vidstatb.taboola.com — Cisco Umbrella Rank: 4741 wf.taboola.com — Cisco Umbrella Rank: 2645 pips.taboola.com — Cisco Umbrella Rank: 1537 cds.taboola.com — Cisco Umbrella Rank: 1770 am-wf.taboola.com — Cisco Umbrella Rank: 15060	1 MB
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 bb6ad35fab43e09d032d512ce4e9a92d.safeframe.googlesyndication.com 8c205996eb486360c550377b1304b471.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155 9a872fb22e3fb1e24f0e55f1f7c5439e.safeframe.googlesyndication.com 06d0fc9c781a51dc51076a2163e623f9.safeframe.googlesyndication.com	548 KB
22	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 stats.g.doubleclick.net — Cisco Umbrella Rank: 114 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	793 KB
21	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1155 eus.rubiconproject.com — Cisco Umbrella Rank: 618 token.rubiconproject.com — Cisco Umbrella Rank: 613 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 30277 pixel.rubiconproject.com — Cisco Umbrella Rank: 380	47 KB
11	aralego.com 4 redirects ads.aralego.com — Cisco Umbrella Rank: 34825 sync.aralego.com — Cisco Umbrella Rank: 3157 agent.aralego.com — Cisco Umbrella Rank: 259927	7 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 427	219 KB
10	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 13254	163 KB
8	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466 ups.analytics.yahoo.com — Cisco Umbrella Rank: 321 ads.yap.yahoo.com geo.yahoo.com	3 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1659 www.google.com — Cisco Umbrella Rank: 3	13 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 18007 e3.adpushup.com — Cisco Umbrella Rank: 18875	277 KB
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 96246	39 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 58 region1.google-analytics.com — Cisco Umbrella Rank: 1914	592 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 62021 sync.logly.co.jp — Cisco Umbrella Rank: 67250	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 26212 audiencedata.im-apps.net — Cisco Umbrella Rank: 28818	3 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1273 pixel.quantserve.com — Cisco Umbrella Rank: 1017 cms.quantserve.com — Cisco Umbrella Rank: 802	10 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 561	60 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	113 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 973736	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	906 B
2	bfmio.com ioms.bfmio.com — Cisco Umbrella Rank: 9430	970 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	84 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 743	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 29387	11 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2157	173 B
1	company-target.com 1 redirects s.company-target.com — Cisco Umbrella Rank: 1823	407 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	146 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1198	633 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 20002	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	1 KB
1	ampproject.net d-3990198761571930581.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 417	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 88617	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	16 KB
0	adotmob.com Failed sync.adotmob.com Failed
291	35

	Domain	Requested by
33	il-trc-events.taboola.com	www.bg3.co
27	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co
16	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net agent.aralego.com www.bg3.co www.googletagservices.com
15	cdn.taboola.com	www.bg3.co cdn.taboola.com
14	images.taboola.com	www.bg3.co
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
8	eus.rubiconproject.com	ads.aralego.com nt.compass-fit.jp eus.rubiconproject.com am-match.taboola.com
6	www.google.com	tpc.googlesyndication.com
6	token.rubiconproject.com	1 redirects eus.rubiconproject.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
5	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org
4	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com eus.rubiconproject.com
3	pixel.rubiconproject.com	eus.rubiconproject.com
3	agent.aralego.com	3 redirects
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	secure-assets.rubiconproject.com	3 redirects
3	am-vid-events.taboola.com	www.bg3.co vidstat.taboola.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
2	geo.yahoo.com	adx.holmesmind.com s.yimg.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	ioms.bfmio.com	vidstat.taboola.com
2	wf.taboola.com	vidstat.taboola.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	www.google-analytics.com	cdn.ampproject.org www.bg3.co
2	am-match.taboola.com	vidstat.taboola.com
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	e3.adpushup.com	www.bg3.co
2	trc.taboola.com	cdn.taboola.com
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	am-wf.taboola.com	vidstat.taboola.com
1	06d0fc9c781a51dc51076a2163e623f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	9a872fb22e3fb1e24f0e55f1f7c5439e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	tr.blismedia.com	eus.rubiconproject.com
1	cms.quantserve.com	1 redirects
1	s.company-target.com	1 redirects
1	cm.g.doubleclick.net	eus.rubiconproject.com
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	x.bidswitch.net	am-match.taboola.com
1	8c205996eb486360c550377b1304b471.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bb6ad35fab43e09d032d512ce4e9a92d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.bg3.co
1	vidstatb.taboola.com	www.bg3.co
1	audiencedata.im-apps.net	dmp.im-apps.net
1	ups.analytics.yahoo.com	imprammp.taboola.com
1	stats.g.doubleclick.net	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	imprammp.taboola.com	vidstat.taboola.com
1	l.logly.co.jp	nt.compass-fit.jp
1	amp.analytics-debugger.com	cdn.ampproject.org
1	fonts.googleapis.com	cdn.taboola.com
1	secure.quantserve.com	cdn.adpushup.com
1	d-3990198761571930581.ampproject.net	cdn.ampproject.org
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	gum.criteo.com	cdn.taboola.com
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	sync.adotmob.com Failed	eus.rubiconproject.com
0	static.bg3.co Failed	www.bg3.co
291	72

This site contains links to these domains. Also see Links.

Domain
rxh511.llsdzktnxwnnr.com
popup.taboola.com
trc.taboola.com
storytohear.com
perfectadd.art
pjbmu.com
4d3868.llsdzktnxwnnr.com
track.tradith.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.bfmio.com Amazon RSA 2048 M02	`2023-03-17` - `2024-04-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 37 frames:

Primary Page: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Frame ID: 9824632F81C2C1062589220E5FE68337
Requests: 159 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&cmcv=&pix=undefined&cb=1691067767860&uv=3313&tms=1691067767860&abt=nonrv_vA!ufm_vD!ufwfrtb_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=41fccf28-1748-4b1e-8d18-18830077a55f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E7A1C6D128A7184CCC1D0DA2980679AA
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: BC0922B80CEC478C99B6A5D5FE00E778
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: ACCB58F76C1C33718BE5837D5224A50B
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 4C832AF39B04532556039E7963DEE4FE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 8D54560566D2D61F63F54FEB69489565
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 72665CF191C9B8BA8B76ED5E6957995E
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A3AFE5CE6B76F5D195AFE11F8CF17CB0
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: FB2F8E8BA91E64E612AC224BDD99846E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5414914353236715917&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3344&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=442488000496&ga_cid=amp-F0oS4YOX4KBl2Q4wUab88g&ga_hid=496&dt=1691067767971&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&bdt=1622&dtd=17&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 9A23E903F1C80C817990F8EBF65BF937
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 942412C08F60862609F5978546EEFA01
Requests: 3 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: E4B930C469A8661E622F2AAA8A3544BE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: E998DB5CD4F5585FAD71F59541F35418
Requests: 12 HTTP requests in this frame

Frame: https://bb6ad35fab43e09d032d512ce4e9a92d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 611CCD2C01484186F11C2219FCA681ED
Requests: 1 HTTP requests in this frame

Frame: https://8c205996eb486360c550377b1304b471.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4164B17528A1F0D00AA3AAED682DBA3D
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 132C41A9583EEFBF9F800EE1A43F80F0
Requests: 5 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: D1B52461B3056D35C04807E6ACC262FB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93E488F91DDAC176E38BDDAB8A01B236
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C46285E81D2951312E0C1DE93CA228DF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E5E2F96060C6B23C290A19980C393223
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA5294C125F5CA848CA670FF97874903
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5502F65F85DA9AFE6EBA55DF5FC15654
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 44E001471BFCBA3C0B0F3001F9D2EEA2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A7861EC4FB37590A3ADD253AF5669E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FB6C60AFBAD1E99DB6950DA8C81B2B2
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: FB74EF4EF0633BAE53E679016EBB77A1
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 859B1F392EF7CD637F3F2B994F567E2A
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3C6637D5B5F9D6171DDAF1FF44E720C5
Requests: 5 HTTP requests in this frame

Frame: https://9a872fb22e3fb1e24f0e55f1f7c5439e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 64536DE41F5BA9E9ACD4B8C67ACCDABC
Requests: 1 HTTP requests in this frame

Frame: https://06d0fc9c781a51dc51076a2163e623f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 6CD897D748B6B5737ABC74419C8415C7
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2CrxdcR3BbxG1T0tTSSX7GLWLAjodqcKepGj-AXotGa1VlkS5AWx6QNCkBAXKsy6MM0G0p7FuqzLu9AcPKsq0tGJ-OGxHJt4sZmjQFTGBqXi6sVJsm4v8PXK_NYgWopl90jzlz6nX2fXjK-dxqeycJ60vLxfjUjsUcOSrHw2ywtZTls48QYYgqrntQ0NhHDckWdMFKhG-Z2KN63gPcXzMcewNrNev-yz6GiYqp3ZPCO3r_x4pYQqaY33QKrqKmxCXF6bmltNzyUIXz_eaj_yX9-PaTGwRtW4rbxnuMtsb8Kw4dnYukBxTXObOiryTNNJFJsNW2PqI1a1hRJE&sai=AMfl-YQtd4dnDv2K-6zEJdxYc0oQS56-7sI_UPevSHeAVc8gwqxRBKzdV4Ax4MCHx7V-rWUxICqvkAFSn_hHpb_wdJ3AiCtBDmUHGyzVug&sig=Cg0ArKJSzJI5vSqr4X_dEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: BCD95F09086AB1876BFEE1DB0C84BC1A
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV0S1JePpcpf4jETWCsx1GYq-UdXF7XzTyvolOz2-sdEDorYzVLXUcuzk0GdS3-fjJVK32AguDEXONm0Q08i6eqfw4JWrP3KlfoWzY6Hpf1KYxMWbhJE_1j2h7p-9IG94A4wf-MDrGbM9VRBRmbBio_KRpOGa5-DfwJZyubjUMfERPLZqAFsqDSk5Q6T-_45yq0xkYc3TmnlxhQx1uKgEXs32d-iXi22Vu-Iwg5Wslorak6vOdEG0EoNSgH_0S6i8zXu1kRV_BHHHY1gJyeTqSU-L6VIqhwKzB2ILmsOhEOTgMPbL3l78X-5h7Vyof6T8ZMtPOG_12vcNJyxk&sai=AMfl-YRQlz_FhcxEnKPk2tm0uQ4113-KU7894KehRbdhtj3uCE-wzpbIcNc412IlyRtuIa8U83Ile4Wgd8F0VELjfmk6ToIhTAFXc4udBA&sig=Cg0ArKJSzM6FBFtM3IwAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 516F351D7D91732F51827B559C918AC0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-26481388713844605500&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3628&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=442488000496&ga_cid=amp-F0oS4YOX4KBl2Q4wUab88g&ga_hid=496&dt=1691067767737&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&bdt=1388&dtd=50&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 4449B69B4ABCD58C936F1156B25C9150
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F32CA86B15BF2E79CD6F3EA01D72A8A1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B902A3D10C477B6FCA27A13F33931B76
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EEE3A084398A86005177BEF48CEB3EA3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EDA7DFD9D5B4CE20193CEF4729D183F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MLB／新人首月敲44支安打　普伊格史上第2僅次於狄馬喬 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

291
Requests

88 %
HTTPS

0 %
IPv6

35
Domains

72
Subdomains

53
IPs

10
Countries

3615 kB
Transfer

10937 kB
Size

16
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://rxh511.llsdzktnxwnnr.com/
Title: Piscinas | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=54c714cd4008a49f64a699dc4a9eb652&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~8592879470642657307~~aO2tGC3PDYAtxnFwVfAyORaObfDo6Eg_O_QyqJzddGp9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l146VGrXJTnLkZ90Wf1nL25LxqAMvqBQ8eqSP66YjP_A2Qg41dgAZMtE3ficY8PD7d0xLoHeXOFqQsuvibucL6JNME3FIWDZNlT7mtVeMfctYZpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=663721dd0d7cc6cc0256e4b06260db560b60d1773c38&redir=https%3A%2F%2Frxh511.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DA%2Bnova%2Bgera%25C3%25A7%25C3%25A3o%2Bde%2Bpiscinas%253A%2BOs%2Bpre%25C3%25A7os%2Bem%2B2023%2Bpodem%2Bsurpreend%25C3%25AA-lo%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSCxnFwooayV-ZrOhfejAQ%26subid4%3Deb-pt-a-pool1pt-568055-c3107-tb%26kw1%3DJardim%2BBarato%2BPiscina%2BCom%2BCobertura%2BPre%C3%A7o%26kw2%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7o%26kw3%3DComparar%2BBanheira%2BHidro%2BExterna%26kw4%3DComparar%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw5%3D2023%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw6%3D%7BCity%7D%3A%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw7%3DComparar%2BPiscina%2Binstalada%26kw8%3DPiscina%2Binstalada%2BPre%C3%A7o%26kw9%3Dlista%2Bde%2BPiscina%2Binstalada%26kw10%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7os%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSCxnFwooayV-ZrOhfejAQ&vi=1691067766914&p=mmosworld-camping-sc&r=9&lti=split-bugfix-v1_var&ppb=COkF&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://storytohear.com/pt/ho-to-clean-a-burner/
Title: Story To Hear

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://perfectadd.art/click_taboola.php
Title: Geladeiras | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=661bdc2138e3c4ddba2e49e2c83b82bc&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~-7374836295806209063~~52kRjW8bcSumjdPbvj4BNz9tmr9Evzo-H1FAE3wg-1lyNpbgedRdYuhjTdtdbeHkkVNSC6iaJPmSgK6YU1G_noPYvDs_vkv-HL_CdGiLMrWT5GCZMQfrbesy3iNGtgUPRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=674eaa081e8e2067491e46a96bcea83b6d0af9c97044&redir=https%3A%2F%2Fperfectadd.art%2Fclick_taboola.php%3Fkey%3Di2xdo34jrg1bcrx7c58r%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDC3FYohfXOh9m-zqU_%26utm_cpc%3DFnt_7bo_vBuejBOZScpwfs88o8pyqv76SCUOZmxLVCs%3D%26site%3Dpalmate-bg3co%26site_id%3D1524057%26title%3DLisbon%253A%2BGeladeiras%2B%25C3%25A0%2Bvenda%252C%2Bquase%2Bde%2Bgra%25C3%25A7a%2521%2BVer%2BPre%25C3%25A7os%26platform%3DDesktop%26campaign_id%3D26459430%26campaign_item_id%3D3716617049%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fb2ab8a59333fa006900599a1b3e912ad.jpg%26tblci%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDC3FYohfXOh9m-zqU_%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDC3FYohfXOh9m-zqU_&vi=1691067766914&p=adders-other-sc&r=84&lti=split-bugfix-v1_var&ppb=CMQB&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://pjbmu.com/go/5d2cc1e9-c27e-4eb4-bd6c-345831b3435e
Title: Carro elétrico para idosos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=5f0f965da63f14ac46ecbcb17d1e8f70&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~-4467127564505210298~~MSiBSKx9omoQjEv29LRl-FJkJfryULfgiOBETheZTgxw6cLzOYgYTH58zK8cIqqSUXWgfJkco-cUTANBFBMHVWuHRcdZ7W2U5z46CTP14tV5b7MvFB3l9dnkci_UZtrGds6CuiXMzmM2XQa7kNG2qU2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=596da080e81f503e66334e2e6d38de246951e832d08b&redir=https%3A%2F%2Fpjbmu.com%2Fgo%2F5d2cc1e9-c27e-4eb4-bd6c-345831b3435e%3Fcampaign_name%3DElectric%2BCars%2BSeniors-pt-PT-D%2BKW31%2B%25282.5%2529%26campaign_id%3D26571715%26adgroup_name%3Dpalmate-bg3co%26adgroup_id%3D1524057%26creative_name%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26creative_id%3D3718386046%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4o0ZeFn8u5_NekAQ%26tblci%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4o0ZeFn8u5_NekAQ%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4o0ZeFn8u5_NekAQ&vi=1691067766914&p=hi-electric-cars-seniors&r=15&lti=split-bugfix-v1_var&ppb=COYB&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Leia mais

Search URL Search Domain Scan URL

URL: https://4d3868.llsdzktnxwnnr.com/
Title: Elevador de escada | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://track.tradith.com/adv/5a996649-d3c4e3b9-ed8a76f6-3ad2-5f04/4c2c468f-96bd18e3-b4266062-7afe-937a
Title: Desentupimentos | Links patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=b9ccf863ca3055bbf134d271c63664fd&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~8592879470642657307~~uw66p8cfef9_SldjgNBtAhaObfDo6Eg_O_QyqJzddGp9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l17ll8U7U8fxWpPkiBRjEp7GxqAMvqBQ8eqSP66YjP_A2Qg41dgAZMtE3ficY8PD7d0xLoHeXOFqQsuvibucL6JNME3FIWDZNlT7mtVeMfctYZpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=530318d879b9f0dc56e1cc81479158795abab1f0d3ba&redir=https%3A%2F%2Frxh511.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DA%2Bnova%2Bgera%25C3%25A7%25C3%25A3o%2Bde%2Bpiscinas%253A%2BOs%2Bpre%25C3%25A7os%2Bem%2B2023%2Bpodem%2Bsurpreend%25C3%25AA-lo%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSCxnFwoyYuBnO69jLMx%26subid4%3Deb-pt-a-pool1pt-568055-c3107-tb%26kw1%3DJardim%2BBarato%2BPiscina%2BCom%2BCobertura%2BPre%C3%A7o%26kw2%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7o%26kw3%3DComparar%2BBanheira%2BHidro%2BExterna%26kw4%3DComparar%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw5%3D2023%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw6%3D%7BCity%7D%3A%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw7%3DComparar%2BPiscina%2Binstalada%26kw8%3DPiscina%2Binstalada%2BPre%C3%A7o%26kw9%3Dlista%2Bde%2BPiscina%2Binstalada%26kw10%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7os%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSCxnFwoyYuBnO69jLMx&vi=1691067766914&p=mmosworld-camping-sc&r=16&lti=split-bugfix-v1_var&ppb=CKkH&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=b9ccf863ca3055bbf134d271c63664fd&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~-4467127564505210298~~WZ74qXbV8aaQnQf0TA4ScFJkJfryULfgiOBETheZTgxyNpbgedRdYuhjTdtdbeHkMimiSNEhmdNXWfo7jHlSEWuHRcdZ7W2U5z46CTP14tV5b7MvFB3l9dnkci_UZtrGds6CuiXMzmM2XQa7kNG2qU2Znx5m5ka9e6OQHfibk8hjY_vJujClyqWEf7KKKAEb&pt=text&li=rbox-t2v&sig=b8fb6b264d639a98af8b1dbdbfcd42e8517dcb12ee67&redir=https%3A%2F%2Fpjbmu.com%2Fgo%2F5d2cc1e9-c27e-4eb4-bd6c-345831b3435e%3Fcampaign_name%3DElectric%2BCars%2BSeniors-pt-PT-D%2BKW31%2B%25282.5%2529%26campaign_id%3D26571715%26adgroup_name%3Dpalmate-bg3co%26adgroup_id%3D1524057%26creative_name%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26creative_id%3D3718386046%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4op_a6q8WUi4yZAQ%26tblci%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4op_a6q8WUi4yZAQ%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4op_a6q8WUi4yZAQ&vi=1691067766914&p=hi-electric-cars-seniors&r=35&lti=split-bugfix-v1_var&ppb=CKkH&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Leia mais

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=521b4c47efed42f359626ff4c27bdd21&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~-7374836295806209063~~v1nrziPhHpjBjGfCPxoj6T9tmr9Evzo-H1FAE3wg-1lyNpbgedRdYuhjTdtdbeHkn1OV0paklJAyh655pQ0hZ4PYvDs_vkv-HL_CdGiLMrWT5GCZMQfrbesy3iNGtgUPRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=2189ae051f037234b143226153a749629b200a011f6e&redir=https%3A%2F%2Fperfectadd.art%2Fclick_taboola.php%3Fkey%3Di2xdo34jrg1bcrx7c58r%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDC3FYokfbayYmRiJ-LAQ%26utm_cpc%3DFnt_7bo_vBuejBOZScpwfuAV180-YPSX1lsZQLoFhtk%3D%26site%3Dpalmate-bg3co%26site_id%3D1524057%26title%3DLisbon%253A%2BGeladeiras%2B%25C3%25A0%2Bvenda%252C%2Bquase%2Bde%2Bgra%25C3%25A7a%2521%2BVer%2BPre%25C3%25A7os%26platform%3DDesktop%26campaign_id%3D26459430%26campaign_item_id%3D3716617049%26thumbnail%3Dhttp%253A%252F%252Fcdn.taboola.com%252Flibtrc%252Fstatic%252Fthumbnails%252Fb2ab8a59333fa006900599a1b3e912ad.jpg%26tblci%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDC3FYokfbayYmRiJ-LAQ%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDC3FYokfbayYmRiJ-LAQ&vi=1691067766914&p=adders-other-sc&r=52&lti=split-bugfix-v1_var&ppb=CLgE&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~8592879470642657307~~Tmvju2IL_McAIZAu4RHP3xaObfDo6Eg_O_QyqJzddGp9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kAqE0_yL1hRu0U20mv8_l14mu8UT16evWWa_M6pScHrNxqAMvqBQ8eqSP66YjP_A2Qg41dgAZMtE3ficY8PD7d0xLoHeXOFqQsuvibucL6JN8FVvB3EAALxt-faU4cAhPZpInogMnLXIzf74SLDck6Q&pt=text&li=rbox-t2v&sig=d00898df9dc1624db04d9e9657e8370bbe9950e8cf05&redir=https%3A%2F%2Frxh511.llsdzktnxwnnr.com%3Fnetwork%3Dtaboola%26subid1%3Dpalmate-bg3co%26adtitle%3DA%2Bnova%2Bgera%25C3%25A7%25C3%25A3o%2Bde%2Bpiscinas%253A%2BOs%2Bpre%25C3%25A7os%2Bem%2B2023%2Bpodem%2Bsurpreend%25C3%25AA-lo%26subid3%3D1524057%26site%3Dpalmate-bg3co%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSCxnFwo8Of698Gd2NOmAQ%26subid4%3Deb-pt-a-pool1pt-568055-c3107-tb%26kw1%3DJardim%2BBarato%2BPiscina%2BCom%2BCobertura%2BPre%C3%A7o%26kw2%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7o%26kw3%3DComparar%2BBanheira%2BHidro%2BExterna%26kw4%3DComparar%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw5%3D2023%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw6%3D%7BCity%7D%3A%2BPiscinas%2BAcima%2Bdo%2BSolo%2BLista%2Bde%2BPre%C3%A7os%26kw7%3DComparar%2BPiscina%2Binstalada%26kw8%3DPiscina%2Binstalada%2BPre%C3%A7o%26kw9%3Dlista%2Bde%2BPiscina%2Binstalada%26kw10%3DJardim%2BBanheira%2Bde%2Bhidromassagem%2Bexterior%2BPre%C3%A7os%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSCxnFwo8Of698Gd2NOmAQ&vi=1691067766914&p=mmosworld-camping-sc&r=79&lti=split-bugfix-v1_var&ppb=CPYG&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Clique aqui

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&it=text&ii=~~V1~~-4467127564505210298~~G0IY6h4Ir8LPGTMdCyS_AlJkJfryULfgiOBETheZTgxyNpbgedRdYuhjTdtdbeHkhaqEulzEROXrb10wD8rxOmuHRcdZ7W2U5z46CTP14tV5b7MvFB3l9dnkci_UZtrGds6CuiXMzmM2XQa7kNG2qU2Znx5m5ka9e6OQHfibk8giZROCQzkpRz5Pv8mwtNlN&pt=text&li=rbox-t2v&sig=1763f47b88f10c377320786f293a2c4743da1cda3345&redir=https%3A%2F%2Fpjbmu.com%2Fgo%2F5d2cc1e9-c27e-4eb4-bd6c-345831b3435e%3Fcampaign_name%3DElectric%2BCars%2BSeniors-pt-PT-D%2BKW31%2B%25282.5%2529%26campaign_id%3D26571715%26adgroup_name%3Dpalmate-bg3co%26adgroup_id%3D1524057%26creative_name%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26creative_id%3D3718386046%26network%3Dtaboola%26site%3Dpalmate-bg3co%26adtitle%3DNovo%2Bcarro%2Bel%25C3%25A9trico%2Bpequeno%2Bpara%2Bidosos%253A%2Bo%2Bpre%25C3%25A7o%2Bpode%2Bsurpreend%25C3%25AA-lo%26click_id%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4otJ63z-XX8tvdAQ%26tblci%3DGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4otJ63z-XX8tvdAQ%23tblciGiB_pK5nFauuAdK560ygRJbBRpz4pnQ95jvzPhr3qU5xeSDQxl4otJ63z-XX8tvdAQ&vi=1691067766914&p=hi-electric-cars-seniors&r=9&lti=split-bugfix-v1_var&ppb=CPYG&cpb=EjwyMDIzMDgwMS02X2IyLVBSLTU5NzUxLURFVi0xNDA5NzctLWludGVyc2VjdGlvbnMtNDBmOTk2MGMzNTMYASCc__________8BKhZ0YWJvb2xhc3luZGljYXRpb24uY29tMgh0cmMwMDI1NjiAkoDMC0CE1AxI59YMUNLw2ANY____________AWMI_kgQtmAYAWRjCNcWENUfGCNkYwjSAxDgBhgIZGMI9___________ARD3__________8BGAlkYwiXShD-YRgKZGMIu0oQpGIYC2RjCKQnEIo1GC9kYwi1ShCdYhgwZGMIs0YQzl8YMmRjCLNKEKhiGDVkYwjcChD7GhgWZGMIlhQQmRwYGGRjCORJELphGDhkYwjh__________8BEOH__________wEYH2R4AYABAogByYKMSZABHJgB2rH525sx&cta=true
Title: Leia mais

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 132

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 137

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 156

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 178

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1691067768&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691067768333&bpp=32&bdt=1065&idt=416&shv=r20230731&mjsv=m202308010102&ptt=5&saldr=sa&correlator=8702723933202&frm=23&ife=1&pv=2&ga_vid=1152059708.1691067769&ga_sid=1691067769&ga_hid=1779013483&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1164600765&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076510%2C42531706%2C31076700%2C44788441&oid=2&pvsid=3962355071051990&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.cdidt0kz9ah0&fsb=1&dtd=517 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 181

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1691067768&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691067768381&bpp=20&bdt=1092&idt=381&shv=r20230731&mjsv=m202307270101&ptt=5&saldr=sa&correlator=8702723933202&frm=23&ife=1&pv=1&ga_vid=1152059708.1691067769&ga_sid=1691067769&ga_hid=2106662743&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2228&biw=1600&bih=1200&isw=336&ish=280&ifk=3446662464&scr_x=0&scr_y=0&eid=44759837%2C44759926%2C44759875%2C31076469%2C31076509%2C44788442&oid=2&pvsid=2371372344267328&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6zob079x174q&btvi=1&fsb=1&dtd=487 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 227

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 228

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 232

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 233

https://s.company-target.com/s/rp HTTP 302
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=6de2a3d2-dda3-4d1f-90a2-e0e197802d4b

Request Chain 235

https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&&put=6MbWur_HguDzyo3r7ZeY7LvEhenzx9DgvZZBf0Qg

Request Chain 276

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 283

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

291 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html Show response
www.bg3.co/a/ 54 KB
16 KB 1675ms
1065ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d55fec727f544b6766754d7b94dc6448b2db5491e094fc4b487bfc4c3d5d6b80

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 03 Aug 2023 13:02:45 GMT
etag: "d931-YzspbeMIcdKqUX5tcCPOhw05F8I"
expires: Thu, 03 Aug 2023 13:17:45 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 297ms
110ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

bec100a88725b8aa87c85af62b54a24314255cf4f2f9a40eb49a5f4606b37fd9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 03 Aug 2023 13:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72951
x-xss-protection: 0
server: sffe
etag: "8f4eaea38fc96a6c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 13:02:46 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 311ms
125ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

ac4a5d4f7704bfabd97126241009d730d156e68859c8bd7d0db1f049acc39e95

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 03 Aug 2023 13:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9715
x-xss-protection: 0
server: sffe
etag: "eb48d635b40b4bb9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 13:02:46 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
8 KB 277ms
150ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 03 Aug 2023 13:02:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7620
x-xss-protection: 0
server: sffe
etag: "8b05dcb7f07f21a0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 03 Aug 2023 13:02:46 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

161ms
52ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bft49KQaesjNNZLOM0FuK6HQUh5NTN5DASW96q7e%2FLtYpxxmauCHF0UjfUBNiUrAURWd1XCfWAHB%2FgF%2B1l0hjm2XALBcj7mcY4nzgE8IgUTV%2FXYlL4j5RTuAU34uoutwuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0ec1c8be1d215a-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 241ms
79ms Script
application/javascript 193.108.153.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-16.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: cee485246cdd0c208f39c2c3a38da5966166e82cb8da88809defdcbfa382dcda

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 13:02:46 GMT
content-encoding: br
last-modified: Thu, 03 Aug 2023 07:00:26 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10019
expires: Thu, 03 Aug 2023 14:02:46 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 650 KB
137 KB 254ms
84ms Script
application/javascript 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: c3b841038d3e92059d020f8e07ac081fe3e75b5d274f88107475158bd05a834d

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 13:02:46 GMT
content-encoding: br
last-modified: Wed, 02 Aug 2023 04:50:44 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="469741_389467666_963598432_841_1097_36_0_146";dur=1
x-cf-geodata: PT
content-length: 139515
expires: Thu, 03 Aug 2023 14:02:46 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 423 KB
50 KB 205ms
125ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 86370f5b539d715fc99a635217cccdb8520103a3a870ce563df97c70c20b873b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: B.CcmElMEkigZNLSR25YyFMppGqP.Kq4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:46 GMT
x-amz-request-id: 0YGEFYPCHBVRYF2F
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 50315
x-amz-id-2: t7oa7sUTCrk8M8YIg9riyg7TRyUak2vtcqT9xSTIf6aSbI3itBdvCDq2PMN/mnuO5tkEh4IfS4k=
x-served-by: cache-lis1490038-LIS
last-modified: Thu, 03 Aug 2023 12:47:04 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.516452,VS0,VE87
etag: "1cdfa6665b30364998c13249608ae7fd5f9444e3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 6
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1198ms
560ms Script
text/javascript 52.68.208.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.208.5 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-208-5.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8dfe3a01e302a4044539117ac21d6278e5409d3e0fa804f89c51aa779fb18f4f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 179ms
67ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:46 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691067766.cdn4-pxy038-mad02.ma1.evs,1691067766.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
86 B 39ms
38ms Image
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=split-bugfix-v1_var
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490038-LIS
date: Thu, 03 Aug 2023 13:02:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1691067767.717996,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js Show response
cdn.taboola.com/libtrc/ 792 KB
164 KB 47ms
46ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 96b25f53ae3f279c2540a474dfc42f7d301fbccce9ad72da586bacc478d4b605

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6tm6LVcHrWwUh.qjiACWQhJl5b0i82c6
content-encoding: br
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:46 GMT
x-amz-request-id: GV7ZEZDS84YZYEZ0
age: 12451
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167682
x-amz-id-2: 4Z1UNlooGJffHA4wIG8cJvUr/URC00u82CcIVmKBGx4GO7hb9VmRYmgW7z0KBkQnExPXrMQBKzw=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:14 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.748242,VS0,VE0
etag: "efdc0689a8184922942a07933e81a686"
vary: Accept-Encoding
content-type: application/javascript
abp: 25
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 248

GET 02e6a938b8c39e79b11935a028911d96.jpg
static.bg3.co/imgs/202105/ 0
0

GET e64f1aad0f4081deb01264b2e02414c5.jpg
static.bg3.co/imgs/202105/ 0
0

GET ebe842e62533611615b58af6382dbecc.jpg
static.bg3.co/imgs/202106/ 0
0

GET 55ad054dca5f735d50ce599d2035f6d3.jpg
static.bg3.co/imgs/202105/ 0
0

GET 0901b9fd824b2abf6957a7eed729ad9c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 2c4521423c211ab8a15cf9ca0c67f87c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 787a7a029487e4a99f1bb7791001a693.jpg
static.bg3.co/imgs/202106/ 0
0

GET c5670e3ba9155811512ecdf2938353a8.jpg
static.bg3.co/imgs/202106/ 0
0

GET ae2ede62cb3f3fe94f8e71e117c0a533.jpg
static.bg3.co/imgs/202105/ 0
0

GET 131604ace6a1dde3651fa86692f20609.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7206727794732112ed90fbc455c55c50.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1975aee9e84b4e7eb3c38ccd2d490fc0.jpg
static.bg3.co/imgs/202106/ 0
0

GET 5977e5be7766f9679a4043821b34b6a5.jpg
static.bg3.co/imgs/202105/ 0
0

GET d7009cccd2e6d05f7d26afdf0b56cb63.jpg
static.bg3.co/imgs/202105/ 0
0

GET 481449c804eb34cb00f7a8d5276610ef.jpg
static.bg3.co/imgs/202109/ 0
0

GET dfd89791823818cc3bfa50ae16fb7e6e.jpg
static.bg3.co/imgs/202105/ 0
0

GET 8e7b3ebc19fb21c73ba1a78204210d25.jpg
static.bg3.co/imgs/202105/ 0
0

GET 73b90d036aa96714a00055ac5f10cc65.jpg
static.bg3.co/imgs/202106/ 0
0

GET 5fbae40a67ec2cf4f35ee011f4fefe83.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7eefafea070ebc1c6eab1255cce5e9fa.jpg
static.bg3.co/imgs/202105/ 0
0

GET 37a5aca441dbf98f5193d7e9e5f7328d.jpg
static.bg3.co/imgs/202105/ 0
0

GET 373929e5e49e186a781b9777a9abde0c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 9a4c75312644db9a2f983ce6bd4ae69d.jpg
static.bg3.co/imgs/202105/ 0
0

GET c309aaa2355171828a1b10b57d4f2714.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1057a41c9c75467ca61eb054642d0198.jpg
static.bg3.co/imgs/202105/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 8 KB
3 KB 223ms
71ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

7aabf43feb1a7fc3ab72a0e668ed7a2270a372e6302e3d9c597276da6688b669

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:48 GMT
age: 146758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3024
x-xss-protection: 0
server: sffe
etag: "d7a7f0b16a50c91a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:48 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 82 KB
23 KB 228ms
79ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

3973cb55df9a5b6cb4455c50724a1bd7085b4ef8b1006996def9d92436c4e732

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 146760
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23146
x-xss-protection: 0
server: sffe
etag: "1ad3966f9ca1cb05"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 2 KB
783 B 271ms
107ms Fetch
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ff5db27b3460f352d33d9dd07e320c709bf39c0fc3f68b83b7fa2c8ad44c6565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 435
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 13 KB
4 KB 214ms
72ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

120d6f4483a00a7bccde9737c262e1085fb41e91ac401ec44ec4faf16ecceab6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:48 GMT
age: 146758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4005
x-xss-protection: 0
server: sffe
etag: "3d50c9c2d991323a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:48 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 69ms
69ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:46 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1691067766.cdn4-pxy038-mad02.ma1.evs,1691067766.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 218ms
70ms Script
text/javascript 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 200976
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 81 KB
22 KB 366ms
360ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=13%3A02%3A46.920&lti=split-bugfix-v1_var&data=%7B%22id%22%3A3%2C%22ii%22%3A%22%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690996095317%2C%22vi%22%3A1691067766914%2C%22cv%22%3A%2220230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12542%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html%22%2C%22vpi%22%3A%22%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3444%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1923.9375%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22split-bugfix-v1_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3f308a260fcdd3e58116379e2a129a40a7a67299e264db10ca89c81bb102621b

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 321
date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 102914
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490038-LIS
server: nginx
x-timer: S1691067767.946675,VS0,VE321
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 76ms
76ms Image
image/jpeg 193.108.153.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1691067766936
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-16.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 13:02:46 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Thu, 03 Aug 2023 14:02:46 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 280ms
115ms Script
application/javascript 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="469741_389467666_963598984_685_1163_37_0_146";dur=1
content-length: 122286
expires: Fri, 02 Aug 2024 13:02:47 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
582 B 296ms
199ms Script
application/javascript 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=90, ak_p; desc="469741_389467666_963598992_9598_925_37_0_146";dur=1
content-length: 211
expires: Fri, 02 Aug 2024 13:02:47 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 179ms
83ms Script
application/javascript 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="469741_389467666_963598991_449_1149_37_0_146";dur=1
content-length: 18371
expires: Thu, 03 Aug 2023 14:02:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 293ms
137ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

5eced968fda8a4828b9ab4ccc3039fc8a1e548c32715055127a673084704c01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28192
x-xss-protection: 0
server: cafe
etag: 623 / 19572 / 31076709 / config-hash: 10451620551299991446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:47 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 230ms
79ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTEwNjc3NjcwMTQsInBhY2tldElkIjoiMDAwMEE3MDEtYjMwNjliN2ItNzYwZi00MDU1LWJlMWMtYjhhZjRlM2E1ZjgxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21sYi14aW4tcmVuLXNob3UteXVlLXFpYW8tNDR6aGktYW4tZGEtcHUteWktZ2Utc2hpLXNoYW5nLWRpLTJqaW4tY2kteXUtZGktbWEtcWlhby5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJQVCJ9&c_b=2348.900001525879
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 231ms
80ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 287ms
128ms Script
application/javascript 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

ESF /

Resource Hash

6bf122b7054e352794e08cd127c0c3fe32ecc2a258bde31001745898fbef7cce

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jxmXVCkttUxikWQNRFGoRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jxmXVCkttUxikWQNRFGoRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 40 KB
10 KB 72ms
71ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

813259c2c1f1d3b42d9a6749d793fcc4d9cdf352160fb907c41a0e71c2de0b9c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 146761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10409
x-xss-protection: 0
server: sffe
etag: "1f8c29a54f975295"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 213 KB
56 KB 72ms
71ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

7aeb79f60a16395b0f980556f6421e611710f447efd99ad7072d88eb4cb5f94d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:17:37 GMT
age: 146710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57602
x-xss-protection: 0
server: sffe
etag: "fbb020b0835c67fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:17:37 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012307212240000/v0/ 110 KB
31 KB 72ms
72ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

195251f734458153a0d5d070fc3439725d825ecea5bf2d10e2200f54072c36ca

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:46 GMT
age: 146761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32170
x-xss-protection: 0
server: sffe
etag: "363d8deba5bba0d7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:46 GMT

GET
H2 200 nameframe.html
d-3990198761571930581.ampproject.net/2307212240000/ 0
0 270ms
103ms Other
text/html 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-3990198761571930581.ampproject.net/2307212240000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f131.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
617 B 57ms
56ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2987
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZCtjg%2FHpbdmlyprgs03tKGzNyfDWYUULvBdjEKke18eJ9mR7L%2BYK14PwptJVOdOiaxNsZt1QnMMOh6Ona4ASZBcO2CygXEvBWVbb8Jt6sSARgI3wHuwYOYeI%2FnFUkLkyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0ec1c98ff3215a-MAD

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 572ms
152ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: f7cc731ab142db1e16ff5dc045e0af2dd888e3dac2b3c6ee1932d33daaa6adef

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 574ms
143ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: f7cc731ab142db1e16ff5dc045e0af2dd888e3dac2b3c6ee1932d33daaa6adef

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:47 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H2 200 floating-unit.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 39ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9453956f7703a0d4e455d92d56b7e5790d92cea6326e6c2be099df3abaf4eae

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7zzwASG4IhQwO0lSil7CIttJebLkorkM
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: NTTXPRVXZJATWKH6
age: 48
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 2499
x-amz-id-2: tJXRCciN2x+C3cQUSanJeT7OjSjZoPFc+T+/wPj5gWJgQvxtbReJk0MLp76hJ5aTub7HdIIZP0o=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:25 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.338809,VS0,VE1
etag: "43e6378fc2b62fe835b6234113d8a989"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 19
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 taboola-vignette-new-scanning.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 38ms
38ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1c998e8df11ff3bf9e18904976ea4557053ad49732303ba8f3622bbe40b6741

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: QuEo0ciU1kbz1e0eBT8qQdZ_YsTmXhjO
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: VYWSRB6E14B0V9K9
age: 28125
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 8052
x-amz-id-2: uzikZyxA2z/QaaALOP4ZDpEgBIDBMvV8coU8LDS1dF9NRFSJSaJIf52ovu4VRRbZF9tr5o855Lg=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:44 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.340630,VS0,VE0
etag: "a8440f75bfc107b365dc168b5c02417b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 90

GET
H2 200 distance-from-article.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 41ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70e0d598b0c4ff7c3a0dd4a5046c7da9d08dc9e78631634db1ab08f3487858c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ejNAWLw_ybhd8MGd06VsKwdFB0w4RocI
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: W1B7RBTRJWCMJRFY
age: 68
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1171
x-amz-id-2: yQY3AxfX+O6fGy+nEHFvTPFVEOqPh6CAq0n3Sr8jtgzI4LGnx1mzP8uaKV+CQRkloMBBQ810lJk=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:15 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.359739,VS0,VE0
etag: "59925acc62702de2eb220879fda38809"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 71
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 article-detection.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 42ms
41ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df87e6c5b8d37cfd08f40ca57b729f04252165012b5840caa0da9248a556e2f4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qcqn2SKtzJ1Thha4b4yXC._rJ1Q4gb_9
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: XBG7SD2GJGRAQQPY
age: 10
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1305
x-amz-id-2: CyNEUw7wFwFru0NFkVCVNLLlOQlKdDTQQujt2Oxw4/6k9YPjjenusMAeMlD9OWVbGeUtdLLF8vg=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.359773,VS0,VE0
etag: "fdb399f3b4f5fec60ec8a910bc70618c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.8/ 123 KB
35 KB 40ms
38ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 60d5d039ddd1dfa7f8fb545bcd965e3a.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 100544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35439
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 02 Aug 2023 09:05:47 GMT
server: AmazonS3
x-timer: S1691067767.361143,VS0,VE0
etag: "d79f8f745c3d1249268e49970ed0fc7f"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: q4JJzOTl7HGkaWAXATt-Eba-nc3Q-Y1cg8Dvdj9l8__M7sFmkbM74A==
x-cache-hits: 1369

GET
H2 200 feed-card-placeholder.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 43ms
43ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cda63ab62cd9d83d63c77e4fef8735ae516fc537848d0a1dd585452af15bfcd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: pQWZ1F1cPYDNFXm36wuT6rSSer7yK9gR
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: J5QMK58JDYRC1975
age: 106
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1293
x-amz-id-2: 8+Djm4MQjp/hSYvziiY9/tgQ5IJ4zs4s0SNOd16Keud+smNLMK2oXnWYe7MvvYB6hqeULOtL51I=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:20 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.361962,VS0,VE0
etag: "9c287a1958fcf520f8671a154a072a3a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 45
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 userx.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 39ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dabebdb778ec3cf6434cf2b2ac7f0ceed5218c664abb2fb1360c3447373759a7

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: YdmBKxPfFaoBxQwQNtQh97yOnsE7E073
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: WF0H3DVDHSC5QA8Q
age: 33
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5432
x-amz-id-2: 6NBhHgU0PCnaZvc770+2fe3zdj+uCtk4Tuiy04tCbZMj6cuAiLGl2FRW1AKESQPef1b2wNgZQH4=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:47 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.369787,VS0,VE0
etag: "1b775a95ee394566bd300590acc85643"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 explore-more.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 39ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4afbed455668e43ef5c703fb1b205beefe923c7fd7c591c09a3157ac8afb10ae

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: SG5V7tXjgWebADXgKSvzGYDXIe5u7_uI
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: EMBHXWQS3BDTFQT4
age: 23956
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 8835
x-amz-id-2: IiPgMsC9QiQMLhlxGmqlj0sAi4MeP8RgCZahXo1VJiVFprNJftOPXktZ1bO/SVViBGL9YheLm/Y=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:18 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.382970,VS0,VE0
etag: "efb85fb325cb13d201402d403cc0a94c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 158

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 380ms
119ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=13%3A02%3A47.318&id=5675&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 380ms
120ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1691067767320%7D&tim=13%3A02%3A47.320&id=6109&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 381ms
121ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1691067767329%7D&tim=13%3A02%3A47.329&id=8640&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 381ms
120ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A47.363&id=5813&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 379ms
119ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.366&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9038&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 378ms
118ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.367&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=8449&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 122ms
115ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.373&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=7574&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 123ms
116ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.374&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=9038&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 148ms
141ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.379&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=3307&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 476ms
203ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5910335757497971&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:47 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 475ms
203ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.4494970195430148&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:47 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 39ms
38ms Image
image/svg+xml 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: 059ZEMN3RJ2RVDH8
age: 38
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: Uqp3/so7O5QYv3FWcpwAOgju02flQmqVEsjYqRmHIJMcvUuXH0zuWlPp4rIZfSi9EKtGo6/hebw=
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067767.436130,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 81
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 18

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 149ms
142ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.437&type=usage&msg=New_CTA-event-1691067767437&llvl=2&id=3434&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~-n48pc0Y-7-fB%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 196ms
190ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.437&type=usage&msg=New_CTA-event-1691067767437&llvl=2&id=579&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-item_branding_before_title%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~-n48pc0Y-7-fB%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 197ms
191ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.439&type=usage&msg=New_CTA-event-1691067767439&llvl=2&id=4168&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~aO2tGC3PDYAtx%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 198ms
192ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.439&type=usage&msg=New_CTA-event-1691067767439&llvl=2&id=2458&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~aO2tGC3PDYAtx%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 199ms
192ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.442&type=usage&msg=New_CTA-event-1691067767442&llvl=2&id=6602&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-7374836295806209063~~52kRjW8bcSum%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 199ms
193ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.442&type=usage&msg=New_CTA-event-1691067767442&llvl=2&id=5986&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-7374836295806209063~~52kRjW8bcSum%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 199ms
193ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.443&type=usage&msg=New_CTA-event-1691067767443&llvl=2&id=5073&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-4467127564505210298~~MSiBSKx9omoQ%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 200ms
193ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.444&type=usage&msg=New_CTA-event-1691067767444&llvl=2&id=4337&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-4467127564505210298~~MSiBSKx9omoQ%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 200ms
194ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.445&type=usage&msg=New_CTA-event-1691067767445&llvl=2&id=2734&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~uw66p8cfef9_S%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 81225

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 200ms
194ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.446&type=usage&msg=New_CTA-event-1691067767446&llvl=2&id=9292&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~uw66p8cfef9_S%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 80904

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 201ms
194ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.446&type=usage&msg=New_CTA-event-1691067767446&llvl=2&id=8593&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-4467127564505210298~~WZ74qXbV8aaQ%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 80624

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 201ms
195ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.449&type=usage&msg=New_CTA-event-1691067767449&llvl=2&id=4145&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-7374836295806209063~~v1nrziPhHpjB%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 80624

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 201ms
195ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.449&type=usage&msg=New_CTA-event-1691067767449&llvl=2&id=1203&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-7374836295806209063~~v1nrziPhHpjB%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 80624

GET
H2 200 187dc81141d6a5010e3632fa0f5d55f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_825%2Cw_1100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 102 KB
103 KB 41ms
39ms Image
image/jpeg 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_825%2Cw_1100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 0ebd6d4a5b4a733b73566f955c243de18d5d781e74ef7df5c54e91b178090f61

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_825%2Cw_1100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
age: 659095
edge-cache-tag: 537301612142190935677161674973253473942,297060431221729551163786313642290140321,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537301612142190935677161674973253473942,297060431221729551163786313642290140321,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT
fastly-restarts: 1
content-length: 104323
x-request-id: 03c82d94235bc87fd0bb663641601c29
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kjyo7100059-IAD, cache-iad-kjyo7100059-IAD, cache-lis1490038-LIS
last-modified: Sun, 16 Jul 2023 19:50:56 GMT
server: cloudinary
x-timer: S1691067767.472249,VS0,VE1
etag: "e494806beb204a85906b563443e4b5f4"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1

GET
H2 200 187dc81141d6a5010e3632fa0f5d55f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
51 KB 43ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a2d9e49527a95680960a229818ad93a49d481958fa0302b90ee4a754d6cd743

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
age: 4427403
edge-cache-tag: 537301612142190935677161674973253473942,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537301612142190935677161674973253473942,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 215
expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.penzcentrum.hu/
content-length: 51100
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100148-IAD, cache-iad-kjyo7100122-IAD, cache-sna10744-LGB, cache-iad-kcgs7200167-IAD, cache-lis1490038-LIS
last-modified: Mon, 05 Jun 2023 18:40:29 GMT
server: nginx
x-timer: S1691067767.472361,VS0,VE1
etag: "0af7e57fbd6adf677dce0a2809c68ba2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 705, 1

GET
H2 200 d7d472b2ddc99165fd0fcaa05c75176b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 22 KB
22 KB 65ms
65ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75121139206ffbc6b85233db0520027d3cf8dff5c6c2ef536302048d342052c4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
age: 1557084
edge-cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 162
req-referer: https://www.fcinter1908.it/
content-length: 22260
x-request-id: 6eb3a250269198dbb02aaa00ccb35a4f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200118-IAD, cache-iad-kiad7000067-IAD, cache-lga21976-LGA, cache-iad-kiad7000063-IAD, cache-lis1490038-LIS
last-modified: Fri, 16 Jun 2023 18:52:41 GMT
server: nginx
x-timer: S1691067767.472401,VS0,VE2
etag: "fbfbeac49fa04da07e7bc3c3b9c887fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 1, 1

GET
H2 200 b2ab8a59333fa006900599a1b3e912ad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 41ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2ab8a59333fa006900599a1b3e912ad.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 30d811fcec503ade45c52072bc2b3e126dfc7fff53eda0a0f6cb6d943f79570f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2ab8a59333fa006900599a1b3e912ad.jpg
age: 1576151
edge-cache-tag: 428134583016551101384317556050354508409,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 428134583016551101384317556050354508409,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 127
req-referer: https://www.cnnphilippines.com/
content-length: 18568
x-request-id: 3d06c4f68a9220ffb09a3fbf842b14c8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kiad7000097-IAD, cache-chi-kigq8000053-CHI, cache-iad-kiad7000143-IAD, cache-lis1490038-LIS
last-modified: Fri, 16 Jun 2023 15:52:30 GMT
server: nginx
x-timer: S1691067768.536410,VS0,VE1
etag: "37e4d26d5cbf4e45aefdd529a5cec00c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 33, 1

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 34 KB
35 KB 41ms
41ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 95340d68557bff28d6455d5dd904ee2f72fe02b7f1fe156154079039d003fb19

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 4421887
edge-cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 142
req-referer: https://www.fcinter1908.it/
content-length: 34966
x-request-id: c9e4be642dbea90686e9682c1a61493b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000150-IAD, cache-iad-kjyo7100141-IAD, cache-sna10747-LGB, cache-iad-kjyo7100100-IAD, cache-lis1490038-LIS
last-modified: Mon, 22 May 2023 22:19:34 GMT
server: nginx
x-timer: S1691067768.537671,VS0,VE1
etag: "05686e725bd7c1ab25724df4bdd17390"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 3, 1, 1, 1

GET
H2 200 4ca4621bbef415253b6d97d260b15d7b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
16 KB 41ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c15f82439cd10160f3785e2b23bfb42cb3035acb6021db88117e5512af6aee7b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4ca4621bbef415253b6d97d260b15d7b.jpg
age: 1882506
edge-cache-tag: 535745196937353868742743497463140311808,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 535745196937353868742743497463140311808,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 190
expiration: expiry-date="Thu, 03 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://caras.uol.com.br/
content-length: 15366
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000075-IAD, cache-iad-kjyo7100137-IAD, cache-sna10738-LGB, cache-iad-kiad7000106-IAD, cache-lis1490038-LIS
last-modified: Mon, 03 Jul 2023 16:00:00 GMT
server: nginx
x-timer: S1691067768.541540,VS0,VE0
etag: "5023e040a7903f126d0e5c1a4c26927b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 661, 48

GET
H2 200 1603f383d2103876411cfc70057ce43e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 17 KB
18 KB 41ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1603f383d2103876411cfc70057ce43e.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f0ffd4f7d14f1bfc2bf49e753aa7676ca378281f5ca931e8d90e92112ebc772

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1603f383d2103876411cfc70057ce43e.jpg
age: 5005083
edge-cache-tag: 407853950544744235690048050458485413407,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 407853950544744235690048050458485413407,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 105
expiration: expiry-date="Wed, 14 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.abola.pt/
content-length: 17588
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200178-IAD, cache-iad-kjyo7100156-IAD, cache-chi-klot8100135-CHI, cache-iad-kiad7000035-IAD, cache-lis1490038-LIS
last-modified: Sun, 14 May 2023 18:04:28 GMT
server: nginx
x-timer: S1691067768.578635,VS0,VE1
etag: "2347a7b0c445dd4410c2b66d91b4fd6a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 35, 1

GET
H2 200 187dc81141d6a5010e3632fa0f5d55f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 54 KB
55 KB 39ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fe32cf79c25dff5a5cff723721ebd109212076da50e1037a68c81c82ca27f529

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
age: 2588913
edge-cache-tag: 537301612142190935677161674973253473942,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537301612142190935677161674973253473942,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 285
expiration: expiry-date="Thu, 06 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ledauphine.com/
content-length: 55186
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200153-IAD, cache-iad-kcgs7200160-IAD, cache-sna10721-LGB, cache-iad-kiad7000161-IAD, cache-lis1490038-LIS
last-modified: Mon, 05 Jun 2023 19:30:16 GMT
server: nginx
x-timer: S1691067768.582602,VS0,VE1
etag: "ee3d67bb17a7052323f09bf4391664a7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 582, 1

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 37 KB
38 KB 51ms
51ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f9e2d42205b6a1c720cd33802edbad14351854bc4425726a291e9baed286a6f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 3199379
edge-cache-tag: 629278368362485812204278233016319296852,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 326
expiration: expiry-date="Fri, 14 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.wfsb.com/
content-length: 38042
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kjyo7100046-IAD, cache-iad-kcgs7200040-IAD, cache-chi-klot8100150-CHI, cache-iad-kjyo7100147-IAD, cache-lis1490038-LIS
last-modified: Tue, 13 Jun 2023 23:16:18 GMT
server: nginx
x-timer: S1691067768.584345,VS0,VE1
etag: "89095844a4b84ab8e6c0ad21f5274d7d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 1105, 1

GET
H2 200 d7d472b2ddc99165fd0fcaa05c75176b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 48 KB
49 KB 40ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3665aacaceaa4bcc670183736fe655c0767bbc33c088e2c2a4c49cf932e3cb00

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
age: 4264103
edge-cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404254293889025526933557156616791063751,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 249
req-referer: https://ballercap.com/
content-length: 49630
x-request-id: 0e8b49cf34380a985099272ae3b4beea
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200118-IAD, cache-iad-kiad7000067-IAD, cache-chi-klot8100067-CHI, cache-iad-kcgs7200105-IAD, cache-lis1490038-LIS
last-modified: Tue, 16 May 2023 15:27:56 GMT
server: nginx
x-timer: S1691067768.621447,VS0,VE1
etag: "fbfbeac49fa04da07e7bc3c3b9c887fe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 1

GET
H2 200 b2ab8a59333fa006900599a1b3e912ad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 41 KB
41 KB 43ms
40ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2ab8a59333fa006900599a1b3e912ad.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 50f2c1e8466aec61a9b441d36da36639ae16937ebbf87a2654b5d1e72579b1d4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b2ab8a59333fa006900599a1b3e912ad.jpg
age: 1576151
edge-cache-tag: 428134583016551101384317556050354508409,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 428134583016551101384317556050354508409,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 354
req-referer: https://philnews.ph/
content-length: 41634
x-request-id: 3d06c4f68a9220ffb09a3fbf842b14c8
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kiad7000097-IAD, cache-sna10750-LGB, cache-iad-kjyo7100129-IAD, cache-lis1490038-LIS
last-modified: Fri, 16 Jun 2023 15:52:30 GMT
server: nginx
x-timer: S1691067768.640742,VS0,VE1
etag: "37e4d26d5cbf4e45aefdd529a5cec00c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 6, 1, 15, 1

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 258ms
82ms Script
application/javascript 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:02:47 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/ 400 KB
127 KB 79ms
75ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308020101/pubads_impl.js?cb=31076709

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

2b5eeeb211f2b120bf3f918a06f149d8e975a17a691b59e2108aefcc3d730686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8753
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129448
x-xss-protection: 0
server: cafe
etag: 2615405546215963376
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 Aug 2024 10:36:54 GMT

GET
H2 200 next-up-widget.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 42ms
42ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f622451b466b40977065d043cef0a06ea89bd0f830d03516dcd27a57c9b6688a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .ksJM6mjOUKTBjetYdmrKL42OJUV99oh
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: DGGXNBBCDEHKK5FW
age: 114
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 4649
x-amz-id-2: ZhpWhpAnhjhUiJfN2U0TMc+6pqfhO53yn4A99LDYGHJmZQXxHQ3l53Wv64iOC5f1x6O0F3Y65os=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:28 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067768.554517,VS0,VE1
etag: "f0c5154ccb93b1a8cf8dd7abfa10ff25"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 14
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 201ms
195ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.203125%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A47.542&id=3960&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 202ms
196ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1200%7D%22%2C%22eventTime%22%3A1691067767544%7D&tim=13%3A02%3A47.544&id=5910&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 202ms
196ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.554&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=1201&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 79668

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 240ms
84ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 03 Aug 2023 12:06:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Aug 2023 13:02:47 GMT

GET
H2 200 spa-detector.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 51ms
50ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1207adf24cb9032f11fb0dcd2f207258ff809d192c26aebd75c7aed09879cc47

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _7OCDU7dim70gBaJQq2Ietd1sWNLzc6.
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:47 GMT
x-amz-request-id: A2M6QA3NNFAE5589
age: 120
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 849
x-amz-id-2: 5ktT2iU3GKATx/0vEkigFQx5NT2RKWuN6emt0j65LBeAsMTTO/V4Cae5B/B6O1Df62Yr+h3kSlk=
x-served-by: cache-lis1490038-LIS
last-modified: Tue, 01 Aug 2023 09:15:34 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1691067768.587574,VS0,VE1
etag: "eff960db41de339662cdad1fe266740e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 207ms
201ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A47.555&id=9725&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 204ms
198ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1691067767564%7D&tim=13%3A02%3A47.564&id=9283&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 205ms
199ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=13%3A02%3A47.566&id=4279&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 206ms
200ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=split-bugfix-v1_var&ri=998d6f99efbe644b67533287ffd3f1f3&sd=v2_4ff65295c75bfebdfc771a5fd9550c90_712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6_1691067766_1691067766_CNawjgYQ2YJdGIKx-dubMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&pi=/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&wi=8374058654543631480&pt=text&vi=1691067766914&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1691067767567%7D&tim=13%3A02%3A47.568&id=5918&llvl=2&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/ 2 KB
886 B 75ms
74ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:43 GMT
age: 146764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "04ae58ebce20b996"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:43 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 179ms
62ms Fetch
application/json 172.64.164.28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.164.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20529
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 03 Aug 2023 07:20:38 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq5Z92dWTsK%2FezDYFeAGFptpEwfl7bKGYLtsOzXW%2BHR8kdRKh8o%2BmD9QJP5MOIbVbjscCljJFxcDwmDfUCVXlbCFUrGx5T5Bb0NdwRUxUZ3c0ICVS1vzi59i93wAb%2Bhxv7KtE6RiuRU44x7G%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7f0ec1cc5ef62f88-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/ 3 KB
956 B 74ms
74ms Fetch
application/json 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307212240000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 01 Aug 2023 20:16:43 GMT
age: 146764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "1e21a00c5f0706dd"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 31 Jul 2024 20:16:43 GMT

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 123ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.733&type=usage&msg=New_CTA-event-1691067767733&llvl=2&id=9949&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~Tmvju2IL_McAI%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 79508

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 123ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A47.733&type=usage&msg=New_CTA-event-1691067767733&llvl=2&id=8935&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~Tmvju2IL_McAI%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 79508

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 241ms
74ms Script
text/javascript 23.36.163.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 481ms
304ms Script
text/plain 108.138.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MTA2Nzc2N18wXzc5NWVkYzdhOGFmYw%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Aug 2023 13:02:48 GMT
Via: 1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: jblqHwK3t52bKh4yaWjmJdjI5EAH-WfwZ2W_7G8a1bac1L6ovUetsw==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 253ms
84ms Fetch
application/json 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Thu, 03 Aug 2023 13:02:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187dc81141d6a5010e3632fa0f5d55f4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
6 KB 40ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 98770489a1a03bc6f6c92fa59b392fdcbd5f6404fa96569cf2d6c43b40587562

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/187dc81141d6a5010e3632fa0f5d55f4.jpg
age: 2559620
edge-cache-tag: 537301612142190935677161674973253473942,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 537301612142190935677161674973253473942,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 150
expiration: expiry-date="Sat, 15 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sportnews.eu/2023/07/01/michelle-hunziker-bikini-sottile/
content-length: 5732
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000061-IAD, cache-iad-kcgs7200115-IAD, cache-sna10730-LGB, cache-iad-kiad7000133-IAD, cache-lis1490038-LIS
last-modified: Wed, 14 Jun 2023 14:59:55 GMT
server: nginx
x-timer: S1691067768.770706,VS0,VE1
etag: "35c50881049e5c3936b9f593f7791d29"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 336, 1

GET
H2 200 03cad2af8f8bdaf368ad0aecb584bbbb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 43ms
42ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 521d9c6d02e540d37c926a8754ff7732b534049339aa8da41df1673fe954d4c8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/03cad2af8f8bdaf368ad0aecb584bbbb.jpg
age: 1966084
edge-cache-tag: 629278368362485812204278233016319296852,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 629278368362485812204278233016319296852,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 66
req-referer: https://www.lainformacion.com/
content-length: 6084
x-request-id: 4b4a36bbcdc33f155f7488414a530cd3
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000068-IAD, cache-iad-kjyo7100105-IAD, cache-chi-kigq8000110-CHI, cache-iad-kiad7000104-IAD, cache-lis1490038-LIS
last-modified: Fri, 23 Jun 2023 03:33:32 GMT
server: nginx
x-timer: S1691067768.783202,VS0,VE3
etag: "4e13e865bf99c5375d7a9b30a300f779"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 123, 1

GET
H2 200 d7d472b2ddc99165fd0fcaa05c75176b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 40ms
39ms Image
image/webp 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02e0876345c1eb93793970c6625afc5cbd68044ee2504ddf875c1f6dd82e6abd

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d7d472b2ddc99165fd0fcaa05c75176b.png
age: 2655239
edge-cache-tag: 404254293889025526933557156616791063751,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 404254293889025526933557156616791063751,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 90
expiration: expiry-date="Fri, 21 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sportnews.eu/2023/07/02/carolina-stramare-costume-perde-stoffa/
content-length: 6752
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100090-IAD, cache-iad-kiad7000092-IAD, cache-lga21935-LGA, cache-iad-kcgs7200148-IAD, cache-lis1490038-LIS
last-modified: Tue, 20 Jun 2023 10:26:24 GMT
server: nginx
x-timer: S1691067768.783202,VS0,VE0
etag: "a29c6a05e160865a3779599e931968bb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 7, 6

GET
H2 200 st Show response
imprammp.taboola.com/ Frame E7A1 439 B
357 B 92ms
90ms Document
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&cmcv=&pix=undefined&cb=1691067767860&uv=3313&tms=1691067767860&abt=nonrv_vA!ufm_vD!ufwfrtb_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=41fccf28-1748-4b1e-8d18-18830077a55f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ebe84c80a849aa29690b060bc501c57333111e8eeb6c0533c450f381e2e0deb8

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Thu, 03 Aug 2023 13:02:47 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490038-LIS
x-timer: S1691067768.900460,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame BC09 422 B
507 B 1261ms
89ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 78153d98c895d3796b4d5d47ee8f0537847e62cf5ec81e6d7585139592471acd

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 03 Aug 2023 13:02:49 GMT
machineid: 3402
server: nginx

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_1_3/infra/ 889 KB
148 KB 119ms
38ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 597ed7e46060dfafc51820d3b64f2e8554748c50e6aac55629147577108d1e77

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690967435
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: MYABEEEGFSRXFT8K
age: 100191
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690967435
x-amz-meta-mode: 33188
content-length: 150895
x-amz-id-2: HLln9rqCprHy4DoP12LoGzxXEzOsX+C7GHzmpvFVnRfC1INBJR6kFuXKoAV3btdrMDdef3vsQCg=
x-served-by: cache-lis1490049-LIS
last-modified: Wed, 02 Aug 2023 09:10:36 GMT
server: AmazonS3-br
x-timer: S1691067768.984594,VS0,VE0
etag: "e033ec33e5f5051bf3f914c984436aea"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 7098

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_1_3/assets/css/ 60 KB
8 KB 39ms
39ms Stylesheet
text/css 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_1_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690967454
date: Thu, 03 Aug 2023 13:02:47 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: MYA7T8R5PG6QGXR4
age: 100191
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690967455
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: tm58uSwySGKCfDMrjzC0rxgym7BKdiDJkBOy8wmUemRExi0whW7tvJb0rbfmx7M0AIn0Un/vO2s=
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 02 Aug 2023 09:10:56 GMT
server: AmazonS3-br
x-timer: S1691067768.904232,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 12793

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 3322ms
109ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&cmcv=&pix=31589837&cb=1691067767860&uv=3313&tms=1691067767860&abt=nonrv_vA!ufm_vD!ufwfrtb_vA&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1691067764666.6!ts:1691067767860&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
content-length: 0
server: nginx

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame ACCB 714 B
777 B 55ms
55ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 4099
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f0ec1cd783ed651-MAD
content-encoding: br
content-type: text/html
date: Thu, 03 Aug 2023 13:02:47 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRqEwJMu2wF8iKPD%2Br3k6mpfcypM4M9Hqw5YC9%2B85PXybiTgrqaidITyq63yA8Lzh%2B23P%2FLLW8ViXSyOPyeQuPE2TjaE9QEHO%2Fo8tUVoCw4c7M0WsVjnh2gQcNRc5GD%2Bcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4C83
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

412ms
79ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 13:02:48 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Aug 2023 13:02:48 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 3450ms
139ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:51 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 8D54 92 KB
32 KB 309ms
157ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

770ca90c340ad75b1ce78835305f292310d957b200a940123844c4f82ddf764e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32790
x-xss-protection: 0
server: cafe
etag: 6487201377359007682
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:48 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7266 92 KB
32 KB 382ms
231ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

c557d0ac570f352129e7e621497f128d4a4bc8b82d33c022147b5161a9d52d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32881
x-xss-protection: 0
server: cafe
etag: 5238267700445924039
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:48 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame A3AF 714 B
742 B 55ms
54ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 4099
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7f0ec1cd9851d651-MAD
content-encoding: br
content-type: text/html
date: Thu, 03 Aug 2023 13:02:47 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FynlGD%2FCVvMFASeBvw04ch2%2BkyEywL7i2d7orQVmsiyU2tSfTu1I5RcyWhCU2nCrlCV3S6%2FcR6DciOsj4UFOJxRTPbsw%2FY869eHIKR2rr1t7TRhVJDElXM4%2FTNXUyJh%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FB2F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

333ms
77ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 13:02:48 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Aug 2023 13:02:48 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
633 B 514ms
97ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-52.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:17:16 GMT
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2733
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: mXtVYQAzDimppxokgE0lztcfrtxwTMHXhjFTOUAyCp51fw7rK6lGsA==

POST
H2 204 collect
www.google-analytics.com/g/ 0
161 B 84ms
83ms Ping
text/plain 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=496&cid=amp-F0oS4YOX4KBl2Q4wUab88g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&dr=&dt=MLB%EF%BC%8F%E6%96%B0%E4%BA%BA%E9%A6%96%E6%9C%88%E6%95%B244%E6%94%AF%E5%AE%89%E6%89%93%E3%80%80%E6%99%AE%E4%BC%8A%E6%A0%BC%E5%8F%B2%E4%B8%8A%E7%AC%AC2%E5%83%85%E6%AC%A1%E6%96%BC%E7%8B%84%E9%A6%AC%E5%96%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1691067768&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 204ms
67ms Ping
text/plain 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-F0oS4YOX4KBl2Q4wUab88g&aip=1&sid=1691067768&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wo-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ACCB 81 KB
27 KB 138ms
137ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

b9c3bd3f644da1e4a4dd033d6da5bdd1a37a90bfc8a520df5b709684f6ad30ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27719
x-xss-protection: 0
server: cafe
etag: 494 / 19572 / 31076660 / config-hash: 10451620551299991446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:48 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E7A1 70 B
265 B 503ms
88ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&cmcv=&pix=undefined&cb=1691067767860&uv=3313&tms=1691067767860&abt=nonrv_vA!ufm_vD!ufwfrtb_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=41fccf28-1748-4b1e-8d18-18830077a55f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E7A1 43 B
426 B 1271ms
81ms Image
image/gif 54.73.141.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&cmcv=&pix=undefined&cb=1691067767860&uv=3313&tms=1691067767860&abt=nonrv_vA!ufm_vD!ufwfrtb_vA&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=41fccf28-1748-4b1e-8d18-18830077a55f&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.141.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame E7A1 0
125 B 3320ms
119ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A3AF 81 KB
27 KB 250ms
249ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

c3a09879b4e080a6ba2813b57feb0cd15d6251b08b39ff567d8f1e72444cf320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27690
x-xss-protection: 0
server: cafe
etag: 181 / 19572 / m202307310101 / config-hash: 10451620551299991446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:48 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 79ms
78ms Script
application/javascript 23.36.163.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Thu, 03 Aug 2023 13:02:48 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
135 B 83ms
83ms Image
image/gif 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=MLB%EF%BC%8F%E6%96%B0%E4%BA%BA%E9%A6%96%E6%9C%88%E6%95%B244%E6%94%AF%E5%AE%89%E6%89%93%E3%80%80%E6%99%AE%E4%BC%8A%E6%A0%BC%E5%8F%B2%E4%B8%8A%E7%AC%AC2%E5%83%85%E6%AC%A1%E6%96%BC%E7%8B%84%E9%A6%AC%E5%96%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-F0oS4YOX4KBl2Q4wUab88g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.8714286324895626&gjid=0.18765340071423608&_r=1&a=496&z=0.9770356514500975&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A23 603 B
534 B 555ms
398ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-5414914353236715917&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3344&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=442488000496&ga_cid=amp-F0oS4YOX4KBl2Q4wUab88g&ga_hid=496&dt=1691067767971&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&bdt=1622&dtd=17&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:48 GMT
expires: Thu, 03 Aug 2023 13:02:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 394ms
286ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H6XQWQ8GWK6HB6HJ3WRGT48S
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 03 Aug 2023 13:02:48 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 39ms
39ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 1907291
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1691067768.246002,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 126280

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.7/ 446 KB
84 KB 39ms
38ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.7/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: bc8eb6aa508fc38cc82f97aba66d664d8e1d95ff882e32282b1af697efaac599

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1690966864
date: Thu, 03 Aug 2023 13:02:48 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: G0T9JP29SXNBZFED
age: 100834
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1690966878
x-amz-meta-mode: 33188
content-length: 85795
x-amz-id-2: 4C7WnL6R4VKAYzbGGITV4wzN6cMIy2RoBF/YSqGr586zTz2EV5YlTU4uwgzoZTCpXUZBGn3BJtQ=
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 02 Aug 2023 09:01:19 GMT
server: AmazonS3-br
x-timer: S1691067768.275517,VS0,VE0
etag: "a019ae7e90774b6e5460a27c7a3750e5"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 12508

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 9424 577 B
663 B 848ms
83ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0b867402564d1507a949459829b810518429e126ef037643198e76626ea93180

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Thu, 03 Aug 2023 13:02:49 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 2935ms
111ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&cmcv=&pix=31579697&cb=1691067768261&uv=3313&tms=1691067768261&su=3&abt=nonrv_vA!ufm_vG!ufwfrtb_vA&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
content-length: 0
server: nginx

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 49ms
40ms Media
video/mp4 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Thu, 03 Aug 2023 13:02:48 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 1501930
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490038-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1691067768.336612,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 250798

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame E4B9 495 B
664 B 1183ms
302ms Document
text/html 35.74.222.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.74.222.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-74-222-51.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Thu, 03 Aug 2023 13:02:49 GMT
etag: "64ca7117-1ef"
last-modified: Wed, 02 Aug 2023 15:07:03 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E998
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

260ms
91ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 13:02:48 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Aug 2023 13:02:48 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/ Frame ACCB 398 KB
126 KB 78ms
78ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 13:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84281
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129167
x-xss-protection: 0
server: cafe
etag: 5057873641579568274
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 01 Aug 2024 13:38:07 GMT

GET
H2 404 L2EvbWxiLXhpbi1yZW4tc2hvdS15dWUtcWlhby00NHpoaS1hbi1kYS1wdS15aS1nZS1zaGktc2hhbmctZGktMmppbi1jaS15dS1kaS1tYS1xaWFvLmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
870 B 170ms
169ms XHR
text/html 193.108.153.18
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvbWxiLXhpbi1yZW4tc2hvdS15dWUtcWlhby00NHpoaS1hbi1kYS1wdS15aS1nZS1zaGktc2hhbmctZGktMmppbi1jaS15dS1kaS1tYS1xaWFvLmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.18 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-18.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Thu, 03 Aug 2023 13:02:48 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=89, ak_p; desc="469741_389467666_963600529_9397_1097_36_0_219";dur=1
content-length: 555
expires: Thu, 03 Aug 2023 14:02:48 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ Frame 8D54 371 KB
125 KB 142ms
142ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

9e8af64d7d33c5040629bed13204bc6a9510d5e1df37251b9645a087fd80a0b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128127
x-xss-protection: 0
server: cafe
etag: 2312586672383488525
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:48 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/ Frame 7266 361 KB
123 KB 155ms
154ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

77ede5513abd60f656502ed2cf36a21ec9b0e93271b0936f1a5789b2042fe964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126337
x-xss-protection: 0
server: cafe
etag: 3723815272070013367
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:48 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/ Frame A3AF 398 KB
126 KB 100ms
100ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7744
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129139
x-xss-protection: 0
server: cafe
etag: 14350311164880230944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 Aug 2024 10:53:44 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
830 B 166ms
149ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691067768450&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1537&pt=-1495549126&tz=0&viewable=true&ddast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a618aa01df154e81e7cba8abba9523d276080bb12292b616a7c952c41ee82ac9

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1479
x-cache: MISS
x-served-by: cache-lis1490038-LIS
pragma: no-cache
server: nginx
x-timer: S1691067769.500343,VS0,VE109
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
484 B 472ms
184ms XHR
application/xml 54.84.85.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.bg3.co&i_type=out&stream=out&playback=2&cb=R0.1691067768466&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.7/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.85.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-85-230.compute-1.amazonaws.com

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 getmu Show response
ioms.bfmio.com/ 49 B
486 B 457ms
171ms XHR
application/xml 54.84.85.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://ioms.bfmio.com/getmu?aid=84e8e789-616d-47d7-c714-4c50c98f0387&output=html5&width=700&height=393&v=1&pageurl=https%3A%2F%2Fwww.bg3.co&i_type=out&stream=out&playback=2&cb=R0.1691067768469&us_privacy=1---

Requested by

Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.7/OvaMediaPlayer.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.84.85.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-85-230.compute-1.amazonaws.com

Software

Resource Hash

ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: location
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
231 B 193ms
192ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=split-bugfix-v1_var&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 116
date: Thu, 03 Aug 2023 13:02:48 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 103023
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490038-LIS
pragma: no-cache
server: nginx
x-timer: S1691067769.556904,VS0,VE116
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pixel;r=802202195;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc...
pixel.quantserve.com/ 35 B
371 B 93ms
83ms Image
image/gif 91.228.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=802202195;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-525109082-1691067767944;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1691067768504;tzo=0;ogl=;ses=89fce97d-83e4-474d-b64b-e0eebaf7dfbd;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.168 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
83 KB 96ms
94ms Script
application/javascript 142.250.186.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a2aa63eed69f57bac36def178052b757dfae36c9186ebcab77061ce703347a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 03 Aug 2023 13:02:48 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
744 B 39ms
39ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Thu, 03 Aug 2023 13:02:48 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 2366
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1691067769.575002,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 64
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 337

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ACCB 492 B
265 B 120ms
118ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3448959455761693&correlator=2593010596413008&eid=31076660&output=ldjh&gdfp_req=1&vrg=202308010101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1691067768632&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=k7ycrcw8p1q3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2095647649.1691067769&ga_sid=1691067769&ga_hid=381526443&ga_fc=false&dlt=1691067767968&idt=620

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

7fd188c67ab443aabe8199adc8a0c5b15ed8393182577ebbf1632c3822c42493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ACCB 15 KB
12 KB 133ms
130ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

2e57a9a2b83ef9723874e9e243174c7f3058e393310cf79fe710591861511e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11770
x-xss-protection: 0

GET
H2 200 container.html Show response
bb6ad35fab43e09d032d512ce4e9a92d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 611C 6 KB
3 KB 292ms
109ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bb6ad35fab43e09d032d512ce4e9a92d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:48 GMT
expires: Fri, 02 Aug 2024 13:02:48 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A3AF 492 B
263 B 113ms
113ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=571495336916514&correlator=266161754320891&output=ldjh&gdfp_req=1&vrg=202307310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1691067768776&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=byre8ltjrogx&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1139318053.1691067769&ga_sid=1691067769&ga_hid=2004279082&ga_fc=false&dlt=1691067767987&idt=683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

8160fb343e74887943d5811723b899cb93461cc208a5253412b93c79b9e56b3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A3AF 15 KB
12 KB 121ms
121ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

40058165f33746d21eba8af2a5db90d0a44596bd1eb6a733e1fd6c87c7c11242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11768
x-xss-protection: 0

GET
H2 200 container.html Show response
8c205996eb486360c550377b1304b471.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4164 6 KB
3 KB 331ms
155ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8c205996eb486360c550377b1304b471.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:49 GMT
expires: Fri, 02 Aug 2024 13:02:49 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ACCB 17 KB
7 KB 250ms
84ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308010101/pubads_impl.js?cb=31076660

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 13:02:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 475ms
74ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37v0&_p=496&cid=1152059708.1691067769&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691067768&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&dt=MLB%EF%BC%8F%E6%96%B0%E4%BA%BA%E9%A6%96%E6%9C%88%E6%95%B244%E6%94%AF%E5%AE%89%E6%89%93%E3%80%80%E6%99%AE%E4%BC%8A%E6%A0%BC%E5%8F%B2%E4%B8%8A%E7%AC%AC2%E5%83%85%E6%AC%A1%E6%96%BC%E7%8B%84%E9%A6%AC%E5%96%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 8D54 379 B
593 B 1384ms
93ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

f31b9b9a73fdff78275e9371e45054a4d05d32f40a964297b00dd0879c122c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 132C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169106...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

302ms
79ms

Document
text/html

18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076700
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 32
content-length: 459
content-type: text/html
date: Thu, 03 Aug 2023 13:02:18 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-id: k1vRAPxYHz6P1uNi63D6LEemQED7-U_yfTzK5MCmz0m-_Rurpz-hOA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:49 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8D54 15 KB
12 KB 124ms
123ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230731&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

39a50400ad3f1bb28a23223000358a20bb8aee69c7f3fc13c1b33a0d11434ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11806
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7266 379 B
313 B 1370ms
97ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d49d6e253d96bd613d9836f126575da7177a6061e7800e9519ebede3d5a19f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame D1B5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134177&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=169106...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
869 B

315ms
78ms

Document
text/html

18.66.97.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-113.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 32
content-length: 459
content-type: text/html
date: Thu, 03 Aug 2023 13:02:18 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-id: TaygiVTej_Yv392nOhuMMtfU1F72-S_V7-75TNqLjsWBm-isHtczHA==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:49 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7266 15 KB
11 KB 124ms
123ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230731&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

b9bd9e32440df2a5a85acc253be3918eeb8f9c1ee4a5bde15fe7ff1004fb509f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11748
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E998 34 KB
10 KB 158ms
75ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a52a0201748dd82b033cfee0104e548bc12cf6d36e803d62d4699e72d68faaf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Aug 2023 10:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=78270
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 04 Aug 2023 10:47:18 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FB2F 34 KB
10 KB 162ms
87ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a52a0201748dd82b033cfee0104e548bc12cf6d36e803d62d4699e72d68faaf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Aug 2023 10:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=78269
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 04 Aug 2023 10:47:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A3AF 17 KB
6 KB 148ms
94ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 13:02:49 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4C83 34 KB
10 KB 145ms
90ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a52a0201748dd82b033cfee0104e548bc12cf6d36e803d62d4699e72d68faaf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Aug 2023 10:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=78269
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 04 Aug 2023 10:47:18 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7266 17 KB
6 KB 105ms
105ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 13:02:49 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D54 17 KB
6 KB 106ms
106ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 13:02:49 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E998 284 B
536 B 752ms
75ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93E4 13 KB
5 KB 74ms
73ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 3280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 12:08:09 GMT
expires: Fri, 02 Aug 2024 12:08:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C462 783 B
1 KB 339ms
92ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

af34f23466c52d9a00d4e7077c5f2218eda94f9014d9f882623d374b2ebac57e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8qEZqv9QOJu9ENSU2SZrFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-8qEZqv9QOJu9ENSU2SZrFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:49 GMT
expires: Thu, 03 Aug 2023 13:02:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FB2F 284 B
536 B 791ms
73ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E5E2 13 KB
5 KB 91ms
73ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 3280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 12:08:09 GMT
expires: Fri, 02 Aug 2024 12:08:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FA52 783 B
739 B 282ms
119ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

11e73a6acd842a4904dd95aa930d9ebe6ff599c0ef427e52ba32a0360543f8fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MP29QYJglNdhjIqrCYduVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-MP29QYJglNdhjIqrCYduVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:49 GMT
expires: Thu, 03 Aug 2023 13:02:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5502 13 KB
5 KB 86ms
79ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 3280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 12:08:09 GMT
expires: Fri, 02 Aug 2024 12:08:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 44E0 783 B
739 B 275ms
123ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

5dfe2f8567125e8ebc7b7753ea10803b4ad6ecf9ca3024af041fee03fb4105c6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rG2nJoNu9rlYgHbkzAnkdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-rG2nJoNu9rlYgHbkzAnkdw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:49 GMT
expires: Thu, 03 Aug 2023 13:02:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4C83 284 B
536 B 780ms
82ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A78 13 KB
5 KB 76ms
75ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 3280
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 12:08:09 GMT
expires: Fri, 02 Aug 2024 12:08:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9FB6 783 B
738 B 248ms
113ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

0743608765f1f94ae2ea60b0aa19b6de38bf455b72a26f21a4c50ed552493372

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lgFNBWI5cFvElh6fxM5StQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-lgFNBWI5cFvElh6fxM5StQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:49 GMT
expires: Thu, 03 Aug 2023 13:02:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9424 70 B
264 B 84ms
83ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 9424 43 B
425 B 85ms
84ms Image
image/gif 54.73.141.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.141.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BC09 70 B
264 B 110ms
105ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6
pr-bh.ybp.yahoo.com/sync/taboola/ Frame BC09 43 B
425 B 117ms
113ms Image
image/gif 54.73.141.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.141.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-141-177.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame BC09 43 B
146 B 267ms
79ms Image
image/gif 18.196.122.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.122.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-122-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FB74 281 B
554 B 93ms
92ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Aug 2023 13:02:49 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 93E4 37 KB
14 KB 84ms
83ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 12:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 12:30:08 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 41ms
40ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Thu, 03 Aug 2023 13:02:49 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 792
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490038-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1691067769.337327,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 74
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 1742

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FB74 34 KB
10 KB 101ms
101ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4a52a0201748dd82b033cfee0104e548bc12cf6d36e803d62d4699e72d68faaf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:49 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Aug 2023 10:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=78269
Connection: keep-alive
Content-Length: 10114
Expires: Fri, 04 Aug 2023 10:47:18 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame E5E2 37 KB
14 KB 88ms
87ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 12:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 12:30:08 GMT

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 5502 37 KB
14 KB 76ms
75ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 12:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 12:30:08 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 101ms
44ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490049-LIS
date: Thu, 03 Aug 2023 13:02:49 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A78 37 KB
14 KB 80ms
79ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 12:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 12:30:08 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FB74 284 B
536 B 565ms
108ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 424ms
134ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Aug 2023 13:02:49 GMT
cache-control: no-store
server: nginx

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame E4B9 0
268 B 292ms
292ms Script
text/plain 35.74.222.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.74.222.51 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-74-222-51.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:49 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C462 0
0 176ms
175ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308010101&jk=3448959455761693&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FB6 0
0 176ms
176ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230731&jk=3962355071051990&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FA52 0
0 180ms
180ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307310101&jk=571495336916514&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 44E0 0
0 187ms
187ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230731&jk=2371372344267328&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame D1B5 31 KB
10 KB 173ms
62ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:00:20 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 68549
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 18:00:20 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 132C 31 KB
10 KB 173ms
64ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:00:20 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 68549
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 18:00:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 93E4 0
10 B 75ms
75ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DVTU4Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f129.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E5E2 0
10 B 75ms
75ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zLt74w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f129.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5502 0
10 B 75ms
75ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?M6-9Cw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f129.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8A78 0
10 B 75ms
75ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BxCWIQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f129.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame E998 0
239 B 2112ms
201ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=logly
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 808ed95536e7f55d8adbcb9fc76d309d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame D1B5
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

56ms
56ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4084
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLA5KH3bAgf1Mryv2aB5lKlRy0UEDvcdoCQVQp6FPPCL89QS1dk0WWBUiuLm8WUg3iHnSEhZVGoOcHhn%2FTWFXuCq%2FiHol6RW1qhbpvgO2FcVXcETdQbzUOhkS6QJc6RNJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0ec1e3d850d651-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 132C
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

143ms
143ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4084
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmJyCEr8XzVBnMzts8WEjcOEubbdu7FzmoVDFl0IWdWKLEhBGZO2ChBgXLDqEKTpdaI27N0tyjJ%2Fw%2FJLYAs6mDRYzz7wHaRph92joalRE%2BHN3cqVuW6uAa%2F08bIYs4pLeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0ec1e3e854d651-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame E998 0
239 B 584ms
71ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame E998 0
214 B 251ms
77ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=36584
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E998 70 B
264 B 119ms
117ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 03 Aug 2023 13:02:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E998
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
409 B

276ms
83ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E998
Redirect Chain

https://s.company-target.com/s/rp
https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=6de2a3d2-dda3-4d1f-90a2-e0e197802d4b

0
239 B

73ms
72ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=6de2a3d2-dda3-4d1f-90a2-e0e197802d4b
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 03 Aug 2023 13:02:51 GMT
via: 1.1 google
access-control-allow-methods: GET,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *.rubiconproject.com
location: https://pixel.rubiconproject.com/tap.php?v=1181926&nid=5578&put=6de2a3d2-dda3-4d1f-90a2-e0e197802d4b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131

GET rubicon
sync.adotmob.com/cookie/ Frame E998 0
0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E998
Redirect Chain

https://cms.quantserve.com/pixel/p-e4m3Yko6bFYVc.gif?idmatch=0
https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&&put=6MbWur_HguDzyo3r7ZeY7LvEhenzx9DgvZZBf0Qg

0
239 B

484ms
71ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&&put=6MbWur_HguDzyo3r7ZeY7LvEhenzx9DgvZZBf0Qg
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://pixel.rubiconproject.com/tap.php?v=4939&nid=1902&&put=6MbWur_HguDzyo3r7ZeY7LvEhenzx9DgvZZBf0Qg
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 rubicon
tr.blismedia.com/v1/api/sync/ Frame E998 0
173 B 1183ms
78ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ACCB 0
0 181ms
181ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308010101&jk=3448959455761693&bg=!UlGlUQXNAAZGOVy5Zjk7ADkAdvg8WgXrY-Z1uvyp4I9EczshnmBe933bspKb5ZQLwJl3aQhDr0XmYG3dO173qnYBl5Jmpm1bzrkCAAABylIAAACLaAEHmQK7eMKpA-K0Em2p3LcxOWwLu6LPkPYOz0luZJJ_yhkrFs5KpvQktihu94SnVdg2k1UP0f6qqEi37bjP_RZoiqv6PjEFZD_-j-zVtKsc6MRgfhL8CZy3HfyjjeEWljZnVm922xMBni1Bb-YPcYRcXV7I_SCW5NnDzZPH5_RyirsLFrgoQpXBYtFeXb2JtEMGAuBZ10iO2xBys2AF7l64T-vACXH5xcJsavTyyZsJZPYFc1QXwf2T1JsVe06KqeWhekuIU_XInRNwftvwR7yyDuoAYQlHAGE3xrSMM7H_ND8mF48rx3Mamh2LUKlO_PnMgzijUirTH159cgrS4j7Mo52_rFvRZeAAvRydGX7kTMs4OaNPQ7tktILHxiF8zTJcf7WEyFTFlSOxn8AGJaoEK709f8bBj68Zf8FFKFa39oSjaeQhvIpMUVbueieh6dKbQZ0zKoXNfYhIKcdvCOYgMpRTNsABiNIfUUOmTw8tKg5OsaW1ueu1t_Xly44booULK7yzSKCkSSHEHLWZyqNpvlLNVCaK9T6WozI8fHWaU_juAI-107QxJZK2C2wUcqhCq8RQcXE21lj_-YkFR9CQrQOMuyVMfRFcH-mwQMLPd-NcKBB4v4FUTbz8CA6mG9RjIsr3hMhZQIJrQj9WZXjBL3g7cBX83nLPis_fd7-4kGW8OtQHp3Kmrln5O8b2lvBe7FPY7d446CDNT6yCP36JxHx6rVnGFHNAYcN3JrxCQ_aLtgR1P78mVY_UX-NnN4QDUidltfgJaCRZ87JDXVoHLa1l5ZOTvF__M5jHLdbd4yPMmvaABcfXVzUEriWYJBgi-FUFuB_FIR0n59PmFO5-VhIuNqhJCaAN0a271f3znftQZO2Q4QhO39Vp0wFVCuPoCvOVM8PmB1H0rOlOf1W5I6i0bPzVsU0zBKFDB2Uw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8D54 0
0 183ms
183ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230731&jk=3962355071051990&bg=!srGlseXNAAZGOVy5Zjk7ADkAdvg8WswZzBUgSJLEQp9cmQqe76fEXZvhbR8SmOyvObznBndvU0Jmzfh1iqlpLyJsgLCVjKstd6cCAAABH1IAAABbaAEHCgAPF4zu2kueRG-GFpLfztEAmQLTiS9TpuDY4g5XHVpmj4L8yvWFvDX4rdBelu8Kjjz-frD3qfTEGY-yJ5_aZHJtYDVXTtRwj9mU0uRMNil3OpG5NvAcQjJDzwdMpRhONNb2AaUWHMUBhqqbxuv_-Omme6PgvZL_08re1cLFbLvzIMLJtbO4wTW1UdoRUFjrQDw6px03BFVNTVLHdXBZ2Zk0-AYxDaN8gPEq_ZShTt0gOsBo1cBaQv7sw6betNoHv6cRDh2ekK_AL1XZwvAeuwBWvB5yDPvTrjNakd7z_9ucisCgGiIvHirMkYVoUHNfob1FCDB9YSIda9ZwRIOtlqgD8pN0LO2uRFhz4jcyFdVZ_3nWk2s8BZhT_QGEgBM7lviQBI17KUmRb-fQ5KlJ9mvHxPbGKRJsokgsnIHL-jx8Tsx7RhsNE56b2QdX-q3yitfHvQU9qwO2fSy6T4lNQgFIKSgjxSQ15_jFZOlqj6M7R_wpg5LAZTGNc8mNn7DqY9qjOYiAnfU-SiDffIap2cPa7Y9wYzW59Zk1pagbVH2DolxsZAANSUpOTAZz0H8L-AHCxerR_D-0NkSLVntlgae0Ca7ELZ4s7Q5QZBPH1IaAe0YCdKaeBkxaDoJVqWQosmRjEnQTBAqCnbd2gpSC4wmqdAu_9RobycVBC_xYNs6bGTreI7InP0e171Yubpw_B9yk0n3zEIb4y0onUNT8MKwyivO4SBqC5dH0Cr_emDp4EfK_s-8SZpRlKcOZyv8OeY8o1PFQOCMS7socPDugIxEbLJKI9LrfkyPp-jgwX3tqPeIJOTgl9KZwCksbi30svMSzXR7SQuo3pIgzyiJJWkjmAAsNOaLLHfwEDLwF3vEJrFOgmvaYXtx9l4PkHyWP3GfUKYxu2ufGSWq6t1ZqUqehkA3ZehsesLqVvkgAIyYhzY1xT6hrAwpiBYVTRps9tqcr55kjl09ikLXVq6y23tkFzZHWE-0-
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A3AF 0
0 181ms
181ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307310101&jk=571495336916514&bg=!vb6lvurNAAZGOVy5Zjk7ADkAdvg8Wgs8oU34eAOETgo1PGOwCi-cE-L5hvJ2Qp8y8eE0DNT2OgZ1efkKEt-8Z7R63pANy694uvQCAAABHVIAAACTaAEHCgAh5e6f45TZMkdvOcYXHppOcjhbFxHqTasu_Gjk-_xH_APxmQK1nf4LQcWATPO-LA4dRSBGz-6OYGL66yDfgaX1PKcoAYPkHhIZfXvqclGy9YXMP1UneRrxmgWoXl224d7iNKians1HhbhjR8izDLhSKG6hU0XOx_7PENdGEkUYf9C1Kn7FWFBUYKXBAZKcdb4U3pGiSh2z0M8IpjFKZAVhXydXYL9wQzFgsB7ejuOxmV3RTHqAhr1_XZ4q6sCtfRPT6sDFYjpuEeEM7j8QmE-YXhlt0UyJeNtQZM3K2iIQ46KUKJIZf39gI9ZBT9rL8dFxvAy3bAazVkxs6PriJBtfRCEHyAOPLlzqUF8UQeDTUqBFJvaz-_3l3nLue0jWazbw8AdR7xoJHpZMa3wlBq9UJLJheKEtZ8gavGYkEbRbO4b9GMr5Wygh6LcqAn7o2_CXTNB-6DRyF6p6MIkffZAiKmtzvOh_-vGvaqlxGEG2RVYMECKErrtuRDkE-OH_hxvbsth421oSZRZdg3_EI334c-JVIirGkRsurS7zbWJ3YV7j0MCqciz8RTRXFapeM55gLmqmfrubmp7nZ9_KH1StBNO1SeFNOzE1Iey0is1HxeIUwqygHPetltEmOCXpbP5Kw0sFi6He34of0qHC3p3cP9d2V9eiSB5ZO1zH6tWHeFtS33AlJVu8DOTETKGJ63Ev4KdvBAe68lf_R2joALl0VzfE4c4WMTIzMZc6b3OJJvtUPbQ5FSQEj-u8u6UdIV9s3gnt7XhfbLPMW3ATBQBtKEmHZjEKhJAQxOURgAkvet25_Ns2AM0CQ0FFYSfPoufJk80T8Fq7QxWk7R5tvOMYCsGZmfoPRj6Ak3SPXpm6QuugUcuZ92qgYVZB5Cnn2iGatAUF8nDDRHVuPU2wUVPukJ0KOAhEGSawr1ty_RX98PvKNmdViu54XYgrb54qWiZKx1K0DkQsEJix
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7266 0
0 182ms
182ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230731&jk=2371372344267328&bg=!SEulSx_NAAZGOVy5Zjk7ADkAdvg8Wn1AapZMQVODhIDNWzsoMYDYbr8lXZ9DKhgW5rvsmEBBaaHrA0z78Ryl6efZviGJNeC17k4CAAABDFIAAACHaAEHmQK2W8GoKSt6FAOX998yqnN_PbZWUR9hELkgTAx269OpJrXKyLYXMvLIsPJfYgLJk2f-xb5MGKZDzvEZrKtzmVu94yeQ9ZOFH4NYqkj-K2xYyfZRlVlLgSW4O2H3z-u-_K8yVJ_3lgoDB5Xx14r6z7LLpoO-0UscDyinke5sMHa-yw7ZpKTTZJr1PcF6qwCzNTJod9A7_pa8OOaL9lKUy1zxwI_fVfCdN2-rB-suRAIKhExSmCf9jBN9AY1bNbS49kFUiZDjadVBYsG1g0vjd3MIsqM1qs73afhdKq9iaRVsUUcJ15wciIkiU-nSUyArZd2mNuxGse9ALG7_U5lQmlb5-h8q36NKDbKyRug8AEiV01bVg8MaPx4cGkx7e2XpYxaeqDrvA4NRKs-12cOXcwnIsLmYlzamE6LpOGe3I32CdpziFXKAu5psKQ9IiTO_BzeWt-3SwhfXLgkGjDjZR3o-apGvvooOGSh6aouWcs9RklsAkO3P0FQaL_So3itqSH3xvCxXpnVWXOoLnXOo4PISqwSAmi8_bVFbrTjaxcWEH9L2Tfv0HLTwOkwZH3w9IHvdBw4swJcawMXBuKNBovwhgrQCXSw5IPUsIZIPhuZtnZY7HOtYDkfsQ30BzyO_fBF0PS3Y_rU_EvGvXjzT7E0Ij9zRmyiI6N7NX95poN9LAJhdhD7fxwj_KIRNlC_TCbBNI2xIOLQH_A9a1T5MxpX80tNGcO1s_YyFSSS32R3GC289mUt-Xfpnv8Dr2VHaKc5xI4iJFsN2KbmzYu6XkA6Egj7Rivi6AA0v2oRNokhBTHNF9ow9j80Kxm2ayJlZh16agP9_K5ZiSc-Xi6NTlYtqEGSyXVia8G9VaY4TLOibVzzw36hoHSBtpKLtCo8_UEwXThWVHBJ2vHiA6p4HlZF_PJMmCOL0zA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
829 B 112ms
112ms XHR
application/json 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691067771449&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1537&pt=-1495549126&tz=0&viewable=true&ddast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a618aa01df154e81e7cba8abba9523d276080bb12292b616a7c952c41ee82ac9

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Thu, 03 Aug 2023 13:02:51 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1431
x-cache: MISS
x-served-by: cache-lis1490038-LIS
pragma: no-cache
server: nginx
x-timer: S1691067771.469175,VS0,VE74
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D1B5 975 B
743 B 55ms
55ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4105
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODYx38LrHo6pfmsEsJKfId6v7llEivaoBtwxhufzjcYJw9g1t0Tb5P0yvIlHJCevkpRcnZfib9Dfeki2%2FNyntVW467J7%2FtINL1YWPTL1fkPmM9eGB1bGWIgRUoacM6h4mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0ec1e4c8c1d651-MAD

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame D1B5 661 B
1 KB 496ms
212ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.8213144285337013&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:52 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 7d806f9d-f2ac-3618-8ed0-b4d981b59591
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 132C 975 B
745 B 53ms
53ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4105
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68tVYLFV96r%2FLf4UFabQpMcn6WD7e2pdJzjpRNe5ysDpOL8q9Su4hzDekyR3jpWqzSI4y41cm6EiqqpJqu8d8zBb9LIFJlAFQfbJJT2Y3KbD2f0qsnHQCwfvHlEdj%2F2k5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0ec1e4e8d3d651-MAD

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 132C 661 B
1 KB 501ms
218ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.23098061197983055&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 03 Aug 2023 13:02:52 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 7d806f9d-f2ac-3618-8ed0-b4d981b59591
X-Adtype: html
Connection: close
Content-Length: 661

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 859B 81 KB
27 KB 145ms
145ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

e5eec0b80e94fecee6c1a5921e94663c5b4507d44dbe77fa31cb287b566ac6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27694
x-xss-protection: 0
server: cafe
etag: 75 / 19572 / m202307310101 / config-hash: 10451620551299991446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:52 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3C66 81 KB
27 KB 174ms
174ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

c557ffd1c92338736ad687b2defe43b947849477a127b1911d956e703e485d98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27692
x-xss-protection: 0
server: cafe
etag: 159 / 19572 / m202307310101 / config-hash: 10451620551299991446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:52 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/ Frame 859B 398 KB
126 KB 78ms
77ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7748
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129139
x-xss-protection: 0
server: cafe
etag: 14350311164880230944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 Aug 2024 10:53:44 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/ Frame 3C66 398 KB
126 KB 79ms
78ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 10:53:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7748
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129139
x-xss-protection: 0
server: cafe
etag: 14350311164880230944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 02 Aug 2024 10:53:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 859B 27 KB
12 KB 240ms
240ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4152201663725913&correlator=4220460582460624&eid=31076625&output=ldjh&gdfp_req=1&vrg=202307310101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1691067772432&lmt=1691067772&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=ogrwn0n9qjee&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=240623921.1691067772&ga_sid=1691067772&ga_hid=1796788476&ga_fc=false&dlt=1691067771631&idt=790

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

cc53e5d8f656cc93e56202a8c0be4f1fd0fd5be7cd1fd564561b68b3087cbdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12062
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 859B 15 KB
11 KB 125ms
125ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

6a41b07ef6bc71a3aafcf827039797666e2aa0b0e17837c6a516fa3e12d52bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11737
x-xss-protection: 0

GET
H2 200 container.html Show response
9a872fb22e3fb1e24f0e55f1f7c5439e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6453 6 KB
3 KB 124ms
109ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9a872fb22e3fb1e24f0e55f1f7c5439e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:52 GMT
expires: Fri, 02 Aug 2024 13:02:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3C66 27 KB
12 KB 214ms
214ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4107124828237087&correlator=2402872849678662&eid=31072020%2C31076474%2C31076624&output=ldjh&gdfp_req=1&vrg=202307310101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1691067772482&lmt=1691067772&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=api65p7cgbef&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=754158362.1691067772&ga_sid=1691067772&ga_hid=1642818878&ga_fc=false&dlt=1691067771647&idt=824

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

750ce980ac9dfc4adecd635e8a2e1a5d1ec65e851d6114fb20c5238844b9cec0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12056
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3C66 15 KB
12 KB 122ms
122ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

f8c9bbf2f06028c0d90f41455aebabfccacbf534226c58d29f346b4b0bd8503a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11876
x-xss-protection: 0

GET
H2 200 container.html Show response
06d0fc9c781a51dc51076a2163e623f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6CD8 6 KB
3 KB 125ms
109ms Document
text/html 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06d0fc9c781a51dc51076a2163e623f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:52 GMT
expires: Fri, 02 Aug 2024 13:02:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 859B 17 KB
6 KB 2366ms
2366ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 13:02:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C66 17 KB
6 KB 2331ms
2330ms Script
text/javascript 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 03 Aug 2023 13:02:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BCD9 0
0 117ms
117ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2CrxdcR3BbxG1T0tTSSX7GLWLAjodqcKepGj-AXotGa1VlkS5AWx6QNCkBAXKsy6MM0G0p7FuqzLu9AcPKsq0tGJ-OGxHJt4sZmjQFTGBqXi6sVJsm4v8PXK_NYgWopl90jzlz6nX2fXjK-dxqeycJ60vLxfjUjsUcOSrHw2ywtZTls48QYYgqrntQ0NhHDckWdMFKhG-Z2KN63gPcXzMcewNrNev-yz6GiYqp3ZPCO3r_x4pYQqaY33QKrqKmxCXF6bmltNzyUIXz_eaj_yX9-PaTGwRtW4rbxnuMtsb8Kw4dnYukBxTXObOiryTNNJFJsNW2PqI1a1hRJE&sai=AMfl-YQtd4dnDv2K-6zEJdxYc0oQS56-7sI_UPevSHeAVc8gwqxRBKzdV4Ax4MCHx7V-rWUxICqvkAFSn_hHpb_wdJ3AiCtBDmUHGyzVug&sig=Cg0ArKJSzJI5vSqr4X_dEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame BCD9 31 KB
10 KB 50ms
49ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:00:20 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 68552
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 18:00:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BCD9 179 KB
57 KB 273ms
88ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:52 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 516F 0
0 116ms
116ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV0S1JePpcpf4jETWCsx1GYq-UdXF7XzTyvolOz2-sdEDorYzVLXUcuzk0GdS3-fjJVK32AguDEXONm0Q08i6eqfw4JWrP3KlfoWzY6Hpf1KYxMWbhJE_1j2h7p-9IG94A4wf-MDrGbM9VRBRmbBio_KRpOGa5-DfwJZyubjUMfERPLZqAFsqDSk5Q6T-_45yq0xkYc3TmnlxhQx1uKgEXs32d-iXi22Vu-Iwg5Wslorak6vOdEG0EoNSgH_0S6i8zXu1kRV_BHHHY1gJyeTqSU-L6VIqhwKzB2ILmsOhEOTgMPbL3l78X-5h7Vyof6T8ZMtPOG_12vcNJyxk&sai=AMfl-YRQlz_FhcxEnKPk2tm0uQ4113-KU7894KehRbdhtj3uCE-wzpbIcNc412IlyRtuIa8U83Ile4Wgd8F0VELjfmk6ToIhTAFXc4udBA&sig=Cg0ArKJSzM6FBFtM3IwAEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 516F 31 KB
10 KB 49ms
48ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 18:00:20 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 68552
etag: W/"6499300e-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Thu, 03 Aug 2023 18:00:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 516F 179 KB
56 KB 323ms
164ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 13:02:52 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame BCD9 80 KB
30 KB 1155ms
397ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 2AMW39HNM5TCGBVA
age: 211
x-amz-server-side-encryption: AES256
x-amz-id-2: AjEJVQ+QtSaULjTsvFpmkucNcBiroxkG/dAzjwr9iPnAxlJ8j4KiWOesor0N7/GLHioOn1TpI/c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame BCD9 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e7f3805c953f825e05d0fa978d487324de404121d16f0c7cea0f72a40880414

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 516F 80 KB
30 KB 1482ms
763ms Script
application/javascript 87.248.119.252
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 12:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 2AMW39HNM5TCGBVA
age: 211
x-amz-server-side-encryption: AES256
x-amz-id-2: AjEJVQ+QtSaULjTsvFpmkucNcBiroxkG/dAzjwr9iPnAxlJ8j4KiWOesor0N7/GLHioOn1TpI/c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame 516F 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6a8b0795b0c85b8c362aa2e07437a5cf8912eaebbe005ed671eb37c4920d0bb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
117 B 122ms
122ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_1_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 03 Aug 2023 13:02:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 123ms
122ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A53.459&type=usage&msg=New_CTA-event-1691067773459&llvl=2&id=1680&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~8592879470642657307~~Tmvju2IL_McAI%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85874

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 123ms
123ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=13%3A02%3A53.460&type=usage&msg=New_CTA-event-1691067773460&llvl=2&id=1039&cv=20230801-6_b2-PR-59751-DEV-140977--intersections-40f9960c353&lt=split-bugfix-v1_var&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-visible%22%2C%22itemId%22%3A%22~~V1~~-4467127564505210298~~G0IY6h4Ir8LP%22%7D
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:53 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85874

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 74ms
74ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37v0&_p=496&cid=1152059708.1691067769&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1691067768&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&dt=MLB%EF%BC%8F%E6%96%B0%E4%BA%BA%E9%A6%96%E6%9C%88%E6%95%B244%E6%94%AF%E5%AE%89%E6%89%93%E3%80%80%E6%99%AE%E4%BC%8A%E6%A0%BC%E5%8F%B2%E4%B8%8A%E7%AC%AC2%E5%83%85%E6%AC%A1%E6%96%BC%E7%8B%84%E9%A6%AC%E5%96%AC%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
835 B 302ms
296ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1691067774449&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1537&pt=-1495549126&tz=0&viewable=true&ddast=V8YaYCLAYUGAJ6Q7CJbBMoMAT0hmAT2S4AAABgYID-AAktZh6PzTJcK3aj4Vo0cazcwpFjuFYMh5vBYLdbuFYzIyChxczjsVmGa8VuNFyLJo6VWzhyDNeK4XAzGOx2C9dqZgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZraDodPte9Xvf73SU-z1zj9yv8arPFLXza3ZKX3a05-l1v5evlVjwdfrdoND063Qq7W-RwC15v5dOtc7k1R6dbc3TYfW6R0y2ZOu1ujdOtfL1FTrfa4VY8HX670PQ22wEAAADAg____38IAAAAABEAAAAAJAAAAABQCKjwb0HgAgAAAACG____fw0AqxwM2Om5-O3-AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAANCQOc7gDVM7CngiBdJFGAEAAADIBUzoOTJJJ6hYVPn__--3AnAFACAgcdcvqyaL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iENNYL0wRL9MSp-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gNLPZVpPlauNbTWwui8nm8e0WC9fM5FytBhvnYHs-FfWW3HmuuPpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDB3GIyMm52M7dquFiuRcvZxC0xWWZumc1mmbhmxsVk43GLXh_TxeOaLGy2LRIMmNuL5GmRTlSjjW8x2phMg8FwYVrObKOFbbkceUwL58piW00mYonmZJFOZJd9aWazrSbL1ca3mthcFpPN49stFq6ZyblaDTbOwb63mIyMm93MrRoulmvRcjZxS0yWmVtms1kmrplxMdl43KLXx3TxuCYLm23fmC0Xg9luN5vtG7PlYjDb7WazfYfO8F19zkZlWSX5mFziW-S6uDkNCpfB4n1-L9LQzmgz-jRfiUX1FOc8E6vQ7_f7_X6_3-_3ezdmg8dgMMw82m1i7PJrNj_lUeM9GBSxRHCRTgQPs9therklPs_GbxFLlKaLdKJX-NVmi1v4tLslL7tbc_S73srXy614Ovxu0Wh6dLoVdrfI4Ra83sqnW-dya45Ot-bosPvcIqdbMnXa3RqnW_l6i5xutcOteDr8dqHpbbaIJYLTRToRvYyni_qPGGK4mismw7lyLlusEgAAAAAAAACAJZhmugkAAACAk0ENN8PFap0OZjKbDHar5QK4CMrSBQwCAAAAAABQrLHHGuBhdjtML7fE59n4rQxAgjmP2WafEcRarZY1AAAAAWwAAAAB3HTjTSAWE_f___8_DgAAgIwcegAAAPT7gLIAAAAAAAD4FcRkshnuH4AKsVar1e3GWq1WwIJYLHarCfz___8H!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG!ufwfrtb_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.8/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: db1d1c9fcf85b45b127914a9c2c4c56beb8f9352dfee7cc6557d10ee4dcea242

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:54 GMT
content-encoding: gzip
server: nginx
machineid: 1434
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame BCD9 290 B
624 B 275ms
96ms Script
application/javascript 87.248.100.136

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 03 Aug 2023 13:02:54 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 26a853dd-8926-4d91-9d3b-3eddb23653d1

GET
H2 200 b
geo.yahoo.com/ Frame BCD9 43 B
366 B 256ms
82ms Image
image/gif 188.125.72.139

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:54 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4449 603 B
65 B 366ms
366ms Document
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-26481388713844605500&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3628&oid=2&is_amp=5&amp_v=2307212240000&d_imp=1&c=442488000496&ga_cid=amp-F0oS4YOX4KBl2Q4wUab88g&ga_hid=496&dt=1691067767737&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html&bdt=1388&dtd=50&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307212240000/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame BCD9
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

55ms
54ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:55 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4088
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cR8z8DWuJVZYTWAc6ht7CkcBVf6od5q68XmlMyCgneMjjDSu3Sy0pV2SfpO1V1lFBmP7gPjSWwDwGv9zcricI9ncq5wRRfl9Yut4wkaNqAE5UvVDNIp1zWGVr5W1Lu7cJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7f0ec1fbeb75d651-MAD

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F32C 13 KB
5 KB 76ms
75ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 3285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 12:08:09 GMT
expires: Fri, 02 Aug 2024 12:08:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B902 783 B
766 B 84ms
82ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

ef20a07d6de0f758a77ab43d7ee158523b088a0ad53c3b5b865f5e4ffc1c2bc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Riw8Gs3UUD-MWA4VsG1q_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Riw8Gs3UUD-MWA4VsG1q_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:54 GMT
expires: Thu, 03 Aug 2023 13:02:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 b
geo.yahoo.com/ Frame 516F 43 B
96 B 83ms
82ms Image
image/gif 188.125.72.139

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Aug 2023 13:02:54 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 516F 290 B
359 B 98ms
97ms Script
application/javascript 87.248.100.136

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 03 Aug 2023 13:02:54 GMT
server: ATS
age: 2
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 2733f0bb-901d-408a-bd3f-32cc9cf784bb

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EEE3 13 KB
5 KB 92ms
76ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f129.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 3286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 12:08:09 GMT
expires: Fri, 02 Aug 2024 12:08:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EDA 783 B
760 B 99ms
83ms Document
text/html 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f4.1e100.net

Software

GSE /

Resource Hash

eae78680163f328f09d62794eccca2901468cb80057fe3c188a4fe29040c8a43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tWTOhTCLbUEk-5yUqbYeqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-tWTOhTCLbUEk-5yUqbYeqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 03 Aug 2023 13:02:55 GMT
expires: Thu, 03 Aug 2023 13:02:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET

sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 516F
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

0
0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B902 0
0 176ms
175ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307310101&jk=4152201663725913&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame F32C 37 KB
14 KB 76ms
75ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 12:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 12:30:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EDA 0
0 175ms
175ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307310101&jk=4107124828237087&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lcfraa-aa-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js Show response
pagead2.googlesyndication.com/bg/ Frame EEE3 37 KB
14 KB 75ms
75ms Script
text/javascript 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fEcdG_B7pUQXAq0S1D0jGwFCW0QHifFmsZMHxcblrt4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

sffe /

Resource Hash

7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Aug 2023 12:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14619
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Aug 2024 12:30:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F32C 0
10 B 75ms
75ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dPYRcw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f129.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame BCD9 975 B
746 B 62ms
62ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4109
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5qVR6a5Jj0XBzZYysR6Fig5GXz7KnDrFv66hYjqP7tQrFARAIu5od9p7qS%2Bn11GGpkF0CvmtdHhl5oFbWOxJ11KcjKFwmYxyfPVHzyWmT1HKGUMUgFFUWVpUVXtvhCD7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7f0ec1fc5b9ed651-MAD

GET ad_request
ads.aralego.com/ Frame BCD9 0
0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EEE3 0
10 B 75ms
74ms Image
text/plain 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NhjeDg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mlb-xin-ren-shou-yue-qiao-44zhi-an-da-pu-yi-ge-shi-shang-di-2jin-ci-yu-di-ma-qiao.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f129.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Aug 2023 13:02:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET view
securepubads.g.doubleclick.net/pcs/ Frame BCD9 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/02e6a938b8c39e79b11935a028911d96.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e64f1aad0f4081deb01264b2e02414c5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/ebe842e62533611615b58af6382dbecc.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/55ad054dca5f735d50ce599d2035f6d3.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/0901b9fd824b2abf6957a7eed729ad9c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2c4521423c211ab8a15cf9ca0c67f87c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/787a7a029487e4a99f1bb7791001a693.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/c5670e3ba9155811512ecdf2938353a8.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/ae2ede62cb3f3fe94f8e71e117c0a533.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/131604ace6a1dde3651fa86692f20609.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7206727794732112ed90fbc455c55c50.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/1975aee9e84b4e7eb3c38ccd2d490fc0.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/5977e5be7766f9679a4043821b34b6a5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/d7009cccd2e6d05f7d26afdf0b56cb63.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/481449c804eb34cb00f7a8d5276610ef.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/dfd89791823818cc3bfa50ae16fb7e6e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/8e7b3ebc19fb21c73ba1a78204210d25.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/73b90d036aa96714a00055ac5f10cc65.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/5fbae40a67ec2cf4f35ee011f4fefe83.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7eefafea070ebc1c6eab1255cce5e9fa.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/37a5aca441dbf98f5193d7e9e5f7328d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/373929e5e49e186a781b9777a9abde0c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/9a4c75312644db9a2f983ce6bd4ae69d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c309aaa2355171828a1b10b57d4f2714.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/1057a41c9c75467ca61eb054642d0198.jpg?w=150&h=100&q=100

Domain: sync.adotmob.com
URL: https://sync.adotmob.com/cookie/rubicon?r=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D123034%26nid%3D3956%26put%3D%7Buser_token%7D

Domain: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Domain: ads.aralego.com
URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.23663457594927317&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYjKtYy5cghnmH8BV2Vmq0W8RSUnIL-fRfwps-GfXjJiuzSXRwncmxSsiSUtPDk1iNNnd8nJzaHdNmuC50Cz3PtqxGAb5gh4gFqa1kQ6S__kOYJKMnd61VIszcX-BJwDlSiLfNuFwv0HTIEnIgz9bGWA5ijzWkZUu3J-E26idJgBWlSsjEvLyR8k6WmMo8sf_hO_s0nCqULjoKtl59-wJw-VUjDYGMQsqDJGGX-shICr0NfS32MxKjSq_dBqlkO3c_keWeGGLeZcq5PQIncEd7JH65W-atQAalL36utOH6EmQkq-o9oZWGBG_rDSdQsnJiRc-Iqb3AL-XTuL1I4g&sai=AMfl-YTi8yGeuOcAuJHM5aPMxV297uBHtS_LI_lWYBH3qZ1UQYpoAby0m6jeE4XK9EFN6i1sTkWI7ha6ew4ZQaipvJV0C1s6TKFyusBeNg&sig=Cg0ArKJSzLXbrs3LqMNzEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.bg3.co/	1970-01-20 22:30:03	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D712d837f-5819-496b-bd2f-fff2b5f812cc-tuctbc52af6
.aralego.com/	1970-01-20 22:30:03	Name: sspid Value: 7d806f9d-f2ac-3618-8ed0-b4d981b59591
.www.bg3.co/	1970-01-20 14:27:39	Name: _im_vid Value: 01H6XQWQ8GWK6HB6HJ3WRGT48S
.quantserve.com/	1970-01-20 23:14:42	Name: mc Value: 64cba578-8833e-4e601-5e8cd
.bg3.co/	1970-01-20 23:08:56	Name: __qca Value: P0-525109082-1691067767944
.doubleclick.net/	1970-01-20 23:06:03	Name: IDE Value: AHWqTUn7XoB9PI9axzBeqp6735Jb86iuxNn2ZlULjW6MYWHVygg_WBEId56b-rZhDBs
.bg3.co/	1970-01-20 23:20:27	Name: _ga Value: GA1.1.1152059708.1691067769
.bg3.co/	1970-01-20 23:20:27	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1691067768.1.0.1691067768.0.0.0
.quantserve.com/	1970-01-20 15:54:03	Name: d Value: EJUBCwHPKcujAA
.bg3.co/	1970-01-20 23:06:03	Name: __gads Value: ID=33261ab6cdac1e4b-22f68abbb9e7002a:T=1691067770:RT=1691067770:S=ALNI_Mbg3GBPASHUV0zppsTn2_zpFYscdA
.bg3.co/	1970-01-20 23:06:03	Name: __gpi Value: UID=00000c4be3b01b0c:T=1691067770:RT=1691067770:S=ALNI_Mby--LOXFe1YckeMF70y3MIb9ItLQ
.blismedia.com/	1970-01-20 22:30:07	Name: b Value: 64CBA57B7B847311EC5817F4BLIS
.company-target.com/	1970-01-20 23:20:27	Name: tuuid Value: 6de2a3d2-dda3-4d1f-90a2-e0e197802d4b
.company-target.com/	1970-01-20 23:20:27	Name: tuuid_lu Value: 1691067771\|rp:0
.aralego.com/	1970-01-20 22:30:03	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:30:03	Name: gdpr Value: 1

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202106/787a7a029487e4a99f1bb7791001a693.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/02e6a938b8c39e79b11935a028911d96.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e64f1aad0f4081deb01264b2e02414c5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/131604ace6a1dde3651fa86692f20609.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/ae2ede62cb3f3fe94f8e71e117c0a533.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/0901b9fd824b2abf6957a7eed729ad9c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/55ad054dca5f735d50ce599d2035f6d3.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/c5670e3ba9155811512ecdf2938353a8.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2c4521423c211ab8a15cf9ca0c67f87c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/d7009cccd2e6d05f7d26afdf0b56cb63.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/dfd89791823818cc3bfa50ae16fb7e6e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/5977e5be7766f9679a4043821b34b6a5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/5fbae40a67ec2cf4f35ee011f4fefe83.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/481449c804eb34cb00f7a8d5276610ef.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7eefafea070ebc1c6eab1255cce5e9fa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/9a4c75312644db9a2f983ce6bd4ae69d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/1975aee9e84b4e7eb3c38ccd2d490fc0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/ebe842e62533611615b58af6382dbecc.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/73b90d036aa96714a00055ac5f10cc65.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c309aaa2355171828a1b10b57d4f2714.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7206727794732112ed90fbc455c55c50.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/373929e5e49e186a781b9777a9abde0c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/1057a41c9c75467ca61eb054642d0198.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/8e7b3ebc19fb21c73ba1a78204210d25.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/37a5aca441dbf98f5193d7e9e5f7328d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvbWxiLXhpbi1yZW4tc2hvdS15dWUtcWlhby00NHpoaS1hbi1kYS1wdS15aS1nZS1zaGktc2hhbmctZGktMmppbi1jaS15dS1kaS1tYS1xaWFvLmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06d0fc9c781a51dc51076a2163e623f9.safeframe.googlesyndication.com
8c205996eb486360c550377b1304b471.safeframe.googlesyndication.com
9a872fb22e3fb1e24f0e55f1f7c5439e.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
bb6ad35fab43e09d032d512ce4e9a92d.safeframe.googlesyndication.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d-3990198761571930581.ampproject.net
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
ioms.bfmio.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-apac.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rules.quantcount.com
s.company-target.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.adotmob.com
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ads.aralego.com
cdn.aralego.net
securepubads.g.doubleclick.net
static.bg3.co
sync.adotmob.com
103.231.174.251
104.26.4.103
108.138.7.64
141.226.224.32
141.226.228.48
142.250.184.194
142.250.184.206
142.250.185.129
142.250.185.226
142.250.185.65
142.250.185.66
142.250.185.98
142.250.186.168
142.250.186.42
151.101.1.44
151.101.193.44
172.217.16.129
172.217.16.194
172.64.164.28
178.250.1.11
18.196.122.173
18.66.97.113
18.66.97.52
185.106.33.48
188.125.72.139
192.96.203.13
193.108.153.16
193.108.153.18
216.239.34.36
216.58.206.34
216.58.206.36
216.58.212.131
23.218.164.71
23.35.229.251
23.36.163.132
23.97.225.52
3.75.62.37
34.120.96.193
34.96.105.8
34.96.71.22
35.186.215.140
35.71.131.137
35.74.222.51
52.68.208.5
54.73.141.177
54.84.85.230
69.16.175.10
69.173.144.139
69.173.144.165
69.173.158.64
74.125.133.155
87.248.100.136
87.248.119.252
91.228.74.168
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02e0876345c1eb93793970c6625afc5cbd68044ee2504ddf875c1f6dd82e6abd
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0743608765f1f94ae2ea60b0aa19b6de38bf455b72a26f21a4c50ed552493372
0b867402564d1507a949459829b810518429e126ef037643198e76626ea93180
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0ebd6d4a5b4a733b73566f955c243de18d5d781e74ef7df5c54e91b178090f61
0f0ffd4f7d14f1bfc2bf49e753aa7676ca378281f5ca931e8d90e92112ebc772
11e73a6acd842a4904dd95aa930d9ebe6ff599c0ef427e52ba32a0360543f8fa
1207adf24cb9032f11fb0dcd2f207258ff809d192c26aebd75c7aed09879cc47
120d6f4483a00a7bccde9737c262e1085fb41e91ac401ec44ec4faf16ecceab6
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
195251f734458153a0d5d070fc3439725d825ecea5bf2d10e2200f54072c36ca
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1cda63ab62cd9d83d63c77e4fef8735ae516fc537848d0a1dd585452af15bfcd
240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b5eeeb211f2b120bf3f918a06f149d8e975a17a691b59e2108aefcc3d730686
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e57a9a2b83ef9723874e9e243174c7f3058e393310cf79fe710591861511e0d
2e7f3805c953f825e05d0fa978d487324de404121d16f0c7cea0f72a40880414
30d811fcec503ade45c52072bc2b3e126dfc7fff53eda0a0f6cb6d943f79570f
33a6bceccdad3831c446c41d3f3eccf4753b5646b9205cda82960bb4dcd2249a
3665aacaceaa4bcc670183736fe655c0767bbc33c088e2c2a4c49cf932e3cb00
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3973cb55df9a5b6cb4455c50724a1bd7085b4ef8b1006996def9d92436c4e732
39a50400ad3f1bb28a23223000358a20bb8aee69c7f3fc13c1b33a0d11434ab4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3f308a260fcdd3e58116379e2a129a40a7a67299e264db10ca89c81bb102621b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40058165f33746d21eba8af2a5db90d0a44596bd1eb6a733e1fd6c87c7c11242
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a52a0201748dd82b033cfee0104e548bc12cf6d36e803d62d4699e72d68faaf
4afbed455668e43ef5c703fb1b205beefe923c7fd7c591c09a3157ac8afb10ae
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
50f2c1e8466aec61a9b441d36da36639ae16937ebbf87a2654b5d1e72579b1d4
521d9c6d02e540d37c926a8754ff7732b534049339aa8da41df1673fe954d4c8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597ed7e46060dfafc51820d3b64f2e8554748c50e6aac55629147577108d1e77
5a2d9e49527a95680960a229818ad93a49d481958fa0302b90ee4a754d6cd743
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5dfe2f8567125e8ebc7b7753ea10803b4ad6ecf9ca3024af041fee03fb4105c6
5eced968fda8a4828b9ab4ccc3039fc8a1e548c32715055127a673084704c01e
5f9e2d42205b6a1c720cd33802edbad14351854bc4425726a291e9baed286a6f
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6a41b07ef6bc71a3aafcf827039797666e2aa0b0e17837c6a516fa3e12d52bd5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6bf122b7054e352794e08cd127c0c3fe32ecc2a258bde31001745898fbef7cce
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70e0d598b0c4ff7c3a0dd4a5046c7da9d08dc9e78631634db1ab08f3487858c1
750ce980ac9dfc4adecd635e8a2e1a5d1ec65e851d6114fb20c5238844b9cec0
75121139206ffbc6b85233db0520027d3cf8dff5c6c2ef536302048d342052c4
770ca90c340ad75b1ce78835305f292310d957b200a940123844c4f82ddf764e
77ede5513abd60f656502ed2cf36a21ec9b0e93271b0936f1a5789b2042fe964
78153d98c895d3796b4d5d47ee8f0537847e62cf5ec81e6d7585139592471acd
7aabf43feb1a7fc3ab72a0e668ed7a2270a372e6302e3d9c597276da6688b669
7aeb79f60a16395b0f980556f6421e611710f447efd99ad7072d88eb4cb5f94d
7c471d1bf07ba5441702ad12d43d231b01425b440789f166b19307c5c6e5aede
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fd188c67ab443aabe8199adc8a0c5b15ed8393182577ebbf1632c3822c42493
813259c2c1f1d3b42d9a6749d793fcc4d9cdf352160fb907c41a0e71c2de0b9c
8160fb343e74887943d5811723b899cb93461cc208a5253412b93c79b9e56b3b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
86370f5b539d715fc99a635217cccdb8520103a3a870ce563df97c70c20b873b
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfe3a01e302a4044539117ac21d6278e5409d3e0fa804f89c51aa779fb18f4f
8f7018f33777001d751d8c8d9107bb98e2b2dc3e6c6375a85518365653147c8e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
95340d68557bff28d6455d5dd904ee2f72fe02b7f1fe156154079039d003fb19
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96b25f53ae3f279c2540a474dfc42f7d301fbccce9ad72da586bacc478d4b605
98770489a1a03bc6f6c92fa59b392fdcbd5f6404fa96569cf2d6c43b40587562
9e8af64d7d33c5040629bed13204bc6a9510d5e1df37251b9645a087fd80a0b2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2aa63eed69f57bac36def178052b757dfae36c9186ebcab77061ce703347a01
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a618aa01df154e81e7cba8abba9523d276080bb12292b616a7c952c41ee82ac9
ac4a5d4f7704bfabd97126241009d730d156e68859c8bd7d0db1f049acc39e95
af34f23466c52d9a00d4e7077c5f2218eda94f9014d9f882623d374b2ebac57e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b9bd9e32440df2a5a85acc253be3918eeb8f9c1ee4a5bde15fe7ff1004fb509f
b9c3bd3f644da1e4a4dd033d6da5bdd1a37a90bfc8a520df5b709684f6ad30ac
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc8eb6aa508fc38cc82f97aba66d664d8e1d95ff882e32282b1af697efaac599
bec100a88725b8aa87c85af62b54a24314255cf4f2f9a40eb49a5f4606b37fd9
c15f82439cd10160f3785e2b23bfb42cb3035acb6021db88117e5512af6aee7b
c22797992dd1d24b0a0ca26c91d8db543627e90afcc35db9e65416373888359b
c3a09879b4e080a6ba2813b57feb0cd15d6251b08b39ff567d8f1e72444cf320
c3b841038d3e92059d020f8e07ac081fe3e75b5d274f88107475158bd05a834d
c557d0ac570f352129e7e621497f128d4a4bc8b82d33c022147b5161a9d52d61
c557ffd1c92338736ad687b2defe43b947849477a127b1911d956e703e485d98
cc53e5d8f656cc93e56202a8c0be4f1fd0fd5be7cd1fd564561b68b3087cbdc5
cee485246cdd0c208f39c2c3a38da5966166e82cb8da88809defdcbfa382dcda
d1c998e8df11ff3bf9e18904976ea4557053ad49732303ba8f3622bbe40b6741
d49d6e253d96bd613d9836f126575da7177a6061e7800e9519ebede3d5a19f85
d55fec727f544b6766754d7b94dc6448b2db5491e094fc4b487bfc4c3d5d6b80
d9453956f7703a0d4e455d92d56b7e5790d92cea6326e6c2be099df3abaf4eae
dabebdb778ec3cf6434cf2b2ac7f0ceed5218c664abb2fb1360c3447373759a7
db1d1c9fcf85b45b127914a9c2c4c56beb8f9352dfee7cc6557d10ee4dcea242
df87e6c5b8d37cfd08f40ca57b729f04252165012b5840caa0da9248a556e2f4
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eec0b80e94fecee6c1a5921e94663c5b4507d44dbe77fa31cb287b566ac6f3
e6a8b0795b0c85b8c362aa2e07437a5cf8912eaebbe005ed671eb37c4920d0bb
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
eae78680163f328f09d62794eccca2901468cb80057fe3c188a4fe29040c8a43
ebe84c80a849aa29690b060bc501c57333111e8eeb6c0533c450f381e2e0deb8
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef20a07d6de0f758a77ab43d7ee158523b088a0ad53c3b5b865f5e4ffc1c2bc5
f31b9b9a73fdff78275e9371e45054a4d05d32f40a964297b00dd0879c122c47
f622451b466b40977065d043cef0a06ea89bd0f830d03516dcd27a57c9b6688a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7cc731ab142db1e16ff5dc045e0af2dd888e3dac2b3c6ee1932d33daaa6adef
f8c9bbf2f06028c0d90f41455aebabfccacbf534226c58d29f346b4b0bd8503a
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe32cf79c25dff5a5cff723721ebd109212076da50e1037a68c81c82ca27f529
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff5db27b3460f352d33d9dd07e320c709bf39c0fc3f68b83b7fa2c8ad44c6565

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

291 Requests

88 %HTTPS

0 %IPv6

35 Domains

72 Subdomains

53 IPs

10 Countries

3615 kBTransfer

10937 kBSize

16 Cookies

21 Outgoing links

Redirected requests

291 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

291
Requests

88 %
HTTPS

0 %
IPv6

35
Domains

72
Subdomains

53
IPs

10
Countries

3615 kB
Transfer

10937 kB
Size

16
Cookies

291 HTTP transactions
3 data transactions