www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Submission: On July 18 via manual (July 18th 2023, 9:42:24 am UTC) from US — Scanned from PT

Summary HTTP 311 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 36 domains to perform 311 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
15	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
1 7	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
12	104.26.4.103 104.26.4.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.16.202.121 2.16.202.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.53.40.242 23.53.40.242	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
42	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	13.114.150.222 13.114.150.222	16509 (AMAZON-02) (AMAZON-02)
45	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	69.16.175.10 69.16.175.10	20446 (STACKPATH...) (STACKPATH-CDN)
4 7	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
18	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.23.209.46 2.23.209.46	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.156.60.96 108.156.60.96	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	23.218.164.71 23.218.164.71	16625 (AKAMAI-AS) (AKAMAI-AS)
6	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	91.228.74.159 91.228.74.159	16509 (AMAZON-02) (AMAZON-02)
5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
2	54.249.104.171 54.249.104.171	16509 (AMAZON-02) (AMAZON-02)
1	172.64.136.31 172.64.136.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.52 18.66.97.52	16509 (AMAZON-02) (AMAZON-02)
2	3.233.145.251 3.233.145.251	14618 (AMAZON-AES) (AMAZON-AES)
2 11	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.185.136 142.250.185.136	15169 (GOOGLE) (GOOGLE)
1	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 8	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	18.66.122.127 18.66.122.127	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	34.241.131.206 34.241.131.206	16509 (AMAZON-02) (AMAZON-02)
2	54.93.152.109 54.93.152.109	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
24	172.217.23.97 172.217.23.97	15169 (GOOGLE) (GOOGLE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
8	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	87.248.119.251 87.248.119.251	203220 (YAHOO-DEB) (YAHOO-DEB)
2	87.248.100.136 87.248.100.136	34010 (YAHOO-IRD) (YAHOO-IRD)
2	188.125.72.139 188.125.72.139	34010 (YAHOO-IRD) (YAHOO-IRD)
311	52

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0a9c77ec73b57b67966354804facfdfd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1d7b474b70eb67bcb6923a03ca70b886.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
38b6432ed8425dc66a05270e66c3b4b3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a0020eb1a4c717861f6a21fdc8f4cd9d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.4.103 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-121.deploy.static.akamaitechnologies.com

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.53.40.242 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-40-242.deploy.static.akamaitechnologies.com

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.114.150.222 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-150-222.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.210.196.208 (Ashburn, United States) 4 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.23.209.46 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-23-209-46.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-96.ams1.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.164.71 (Munich, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-164-71.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.159 (United Kingdom)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

d-18319306701138821320.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.249.104.171 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.136.31 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-52.fra56.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.233.145.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-145-251.compute-1.amazonaws.com

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-127.fra60.r.cloudfront.net

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.241.131.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-131-206.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.152.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-152-109.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.196 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

rubiconcm.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.119.251 (Dublin, Ireland)

ASN203220 (YAHOO-DEB, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 0a9c77ec73b57b67966354804facfdfd.safeframe.googlesyndication.com 1d7b474b70eb67bcb6923a03ca70b886.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 38b6432ed8425dc66a05270e66c3b4b3.safeframe.googlesyndication.com a0020eb1a4c717861f6a21fdc8f4cd9d.safeframe.googlesyndication.com	961 KB
69	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 918 trc.taboola.com — Cisco Umbrella Rank: 634 vidstat.taboola.com — Cisco Umbrella Rank: 2607 il-trc-events.taboola.com — Cisco Umbrella Rank: 19529 images.taboola.com — Cisco Umbrella Rank: 1902 imprammp.taboola.com — Cisco Umbrella Rank: 12287 am-match.taboola.com — Cisco Umbrella Rank: 12293 wf.taboola.com — Cisco Umbrella Rank: 2720 am-vid-events.taboola.com — Cisco Umbrella Rank: 11586 pips.taboola.com — Cisco Umbrella Rank: 1578 cds.taboola.com — Cisco Umbrella Rank: 1879 vidstatb.taboola.com — Cisco Umbrella Rank: 5163 am-wf.taboola.com — Cisco Umbrella Rank: 13312	1 MB
28	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	790 KB
20	rubiconproject.com 4 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1160 eus.rubiconproject.com — Cisco Umbrella Rank: 616 token.rubiconproject.com — Cisco Umbrella Rank: 652 pixel.rubiconproject.com — Cisco Umbrella Rank: 374 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1199	37 KB
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670 adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	15 KB
14	aralego.com 5 redirects ads.aralego.com — Cisco Umbrella Rank: 26534 sync.aralego.com — Cisco Umbrella Rank: 3151 agent.aralego.com — Cisco Umbrella Rank: 288928	10 KB
12	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14019	204 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	219 KB
7	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ads.yap.yahoo.com — Cisco Umbrella Rank: 13923 geo.yahoo.com — Cisco Umbrella Rank: 1423	3 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 18317 e3.adpushup.com — Cisco Umbrella Rank: 19943	255 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	515 B
5	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 333 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025	4 KB
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 105036	39 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	793 B
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 61233 sync.logly.co.jp — Cisco Umbrella Rank: 68396	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 24528 audiencedata.im-apps.net — Cisco Umbrella Rank: 26833	3 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 538	60 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	113 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 359	291 B
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 577628	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1129	916 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	83 KB
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10735	505 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1250 pixel.quantserve.com — Cisco Umbrella Rank: 1003	10 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 749	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 28755	12 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 977	764 B
1	digitaleast.mobi 1 redirects rubiconcm.digitaleast.mobi — Cisco Umbrella Rank: 4620	267 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2864	515 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1172	634 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 19625	3 KB
1	ampproject.net d-18319306701138821320.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 405	288 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 88578	17 KB
1	bg3.co www.bg3.co static.bg3.co Failed	16 KB
311	36

	Domain	Requested by
45	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co agent.aralego.com adx.holmesmind.com www.googletagservices.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	securepubads.g.doubleclick.net	cdn.adpushup.com cdn.aralego.net securepubads.g.doubleclick.net agent.aralego.com www.bg3.co www.googletagservices.com
16	il-trc-events.taboola.com	www.bg3.co
16	cdn.taboola.com	www.bg3.co cdn.taboola.com
14	images.taboola.com	www.bg3.co
12	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
8	www.google.com	tpc.googlesyndication.com
8	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
7	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
6	www.google-analytics.com	cdn.ampproject.org www.bg3.co www.googletagmanager.com
6	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
6	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com am-match.taboola.com
5	token.rubiconproject.com	1 redirects eus.rubiconproject.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	adservice.google.com	cdn.ampproject.org pagead2.googlesyndication.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	am-wf.taboola.com	vidstat.taboola.com
4	agent.aralego.com	4 redirects
4	ad.sitemaji.com	adx.holmesmind.com securepubads.g.doubleclick.net
4	trc.taboola.com	cdn.taboola.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	pr-bh.ybp.yahoo.com	imprammp.taboola.com am-match.taboola.com
3	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
3	sync.aralego.com	ads.aralego.com www.bg3.co
2	geo.yahoo.com	adx.holmesmind.com s.yimg.com
2	ads.yap.yahoo.com	s.yimg.com
2	s.yimg.com	ad.sitemaji.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	s.amazon-adsystem.com	1 redirects eus.rubiconproject.com
2	x.bidswitch.net	imprammp.taboola.com am-match.taboola.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	secure-assets.rubiconproject.com	2 redirects
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	cdn.adpushup.com delivery.adrecover.com
2	delivery.adrecover.com	www.bg3.co
1	a0020eb1a4c717861f6a21fdc8f4cd9d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	38b6432ed8425dc66a05270e66c3b4b3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	vidstatb.taboola.com	www.bg3.co
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	p.rfihub.com	1 redirects
1	rubiconcm.digitaleast.mobi	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	cm.g.doubleclick.net	eus.rubiconproject.com
1	1d7b474b70eb67bcb6923a03ca70b886.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	cdn.ampproject.org
1	pixel.quantserve.com	www.bg3.co
1	imprammp.taboola.com	vidstat.taboola.com
1	0a9c77ec73b57b67966354804facfdfd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	fonts.googleapis.com	cdn.taboola.com
1	rules.quantcount.com	secure.quantserve.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-18319306701138821320.ampproject.net	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	gum.criteo.com	cdn.taboola.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	l.logly.co.jp	nt.compass-fit.jp
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
311	72

This site contains links to these domains. Also see Links.

Domain
www.conselhosetruques.com
popup.taboola.com
mrwvhw.dmtrlsng.com
5minstory.com
1t5cbr.llsdzktnxwnnr.com
2ab710.zbrjtstrclnm.com
0c6fdd.llsdzktnxwnnr.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-05-20` - `2023-08-18`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-06-08` - `2023-09-06`	3 months	crt.sh
quantserve.com R3	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 46 frames:

Primary Page: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Frame ID: 48CAE663B113E33C5E150585BE01C867
Requests: 144 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: DEB0F637B33C3B79FB3B59B68DA47E81
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: C0D1DAD13FEA1C5F246AA3904D9B1769
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: F1071436124DB9195BCE034B5D3872E5
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: A3DE7FAAB7F0D28B30535AC79C7E9986
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 748590C1B4351FD3305E674DAAB97493
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D0BD988203B15F253FCF68030FC516DA
Requests: 7 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 8C9BF6F52A8F2AAB82366D3951494982
Requests: 2 HTTP requests in this frame

Frame: https://0a9c77ec73b57b67966354804facfdfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D2329FB672ED5B086144EE2355B44F9D
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1689673327256&uv=3303&tms=1689673327256&abt=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=54b63375-7a97-4418-9bf4-4fed9a4d1d8a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8131565B7A16CA8F26922D9BB1884BE9
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: A888DC82E34B81F2F0A01FEE9BD307F0
Requests: 4 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: 7408CF23B2F4AD0540498C0637A4E0F1
Requests: 5 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: D21B16E53AED7605DFFCE3C08CFA7F62
Requests: 5 HTTP requests in this frame

Frame: https://1d7b474b70eb67bcb6923a03ca70b886.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 635D713556A1705F02BF68CD28617650
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-7644626061899591488&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3576&oid=2&is_amp=5&amp_v=2306301917000&d_imp=1&c=4001873&ga_cid=amp-lxp_UTgOnmKoHP4JZNPyVg&ga_hid=1873&dt=1689673325116&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&bdt=2919&dtd=993&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 9E576B01F952E6486DCDD1AA44C3A35A
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 4720F4D468A48EECC1E4D112772FD4CC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 97427933A72A57D86C003E7DE7E5B774
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE7B6D349BA65319A4188C7E345101B3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6BC573DFA5E1A1FA412AAB307BB43771
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A4D1386325E9657BCF75BD46F06E69C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 83F1EA91B958A7CD9794687C53685EE8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3B53C14FE0D8AAB5F444B51EDCD2212
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3CF0B58A697C7A1DC3E3D9B47E392C2C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 56E0521ED1EDD1711F47446938CF2330
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 08143184655C89CE65D4E591F2E1125C
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 48F188E676402B8C3ED74471FF9B62A3
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: E9401BE5478FACDAE8B32D148EC229C0
Requests: 6 HTTP requests in this frame

Frame: https://38b6432ed8425dc66a05270e66c3b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 67465DA0617351BC930CD60EED5ADAC8
Requests: 1 HTTP requests in this frame

Frame: https://a0020eb1a4c717861f6a21fdc8f4cd9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: CC2F3F902710FA72665F6676D7D0FE94
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbpA5K5uPYbBW4PzhXxBRwpzKrCRh42wK45ihjqPs4F5o873cSBu1cYK6hJizGoNDcVQ1mJpuYAYavhz2uKHo-Nf5W7rupJK2wIkBhfWBcZ14sPJcSAzK6IKT-ImMgk8Y95hSdple60yaQdOf_QKD4m1uX5sBB10MGxsDhm--M9_NlNviUwf3o5G83IVY4SLiBbtuz8DOJXNJCoXUwErwxHTso6_y6ElYEBiuCaRcdJ9wKx89b7AMBJI-7QPbbL9s8XdPKGTGEfWxLV0CaQd0TqA9kc4ItJjFuwUERTlFxIisN_Z-UWA1xmea6WeBezfJznqcK6AjQhLT5&sai=AMfl-YQaWQTfLqqEySbosbj1G9Rv258Y0F07DSaxVqkj0qW8pRwjtENXFT8AXxgp8oLqZy1GKC8DvQPmeZeMfm1txnCYZsEY6eeaHUDEKw&sig=Cg0ArKJSzJnqvlCTF8AVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F2C689F8EF6988475723305993E16A1B
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXU70eoq3vlHNVta80G-SGUgccAtaRoe5HwDaEKXWp0AexetRauKxMdgnESMGtcZ4G4aS97WBNBeWB77H-5Q1sc_nIUsFGtizsBXQpnctKtxMPP4pJahQWUtZrt2j70lwI3pwqJHWb6e1ZvvvbTDHngEeuNQVduAm3w-7xe06wXIWJ3BgHuwLfWOyysSmhdT-Hi0qbhLpSZyQGCGgHWOrU1HEb66wSMANlaajUvfGSJA9law5oD5vw9XYpfeNlrBHkSCgyphlic-hCzkl2A1lXigcZ-Yn2sQI523MYoKqx0h4NuMTODGoI0KziBwIMkahUOejXHZBvFul8&sai=AMfl-YTS3RJXU3IFcUbZvoq4RwZSWV3pXCsyrfppwUhRwUDthXs1V8mpB46NZpTOnIXhC-1QvM-mgQgGmEaxYH0oOoDgiP6bZ1Fcx58guw&sig=Cg0ArKJSzGjUVyV4KnmXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CA0DAA0509C53D25B2B4CC566250CFC8
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 01DCC9E8346C78E35451D8CB87552718
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9202D3C35F48C64B3D9DA3A4326D6557
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A3D2029C5346FCF8A3E94B95F854C218
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1CB508E00E7AAA4856F1331EAAECE4A8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: 443FA7E2354EC0AE8D1ABB01E1B68E18
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Frame ID: E79D74B78C4DE3FD49BA0A6CC8A2E60B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/zrt_lookup.html
Frame ID: 27B0BDC453BE5398841050326AB1A35C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1689673335&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335261&bpp=25&bdt=892&idt=688&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&nras=1&correlator=2468301889196&frm=8&ife=4&pv=2&ga_vid=1078365856.1689673336&ga_sid=1689673336&ga_hid=1708366869&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1366830207&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826&oid=2&pvsid=2048057344609669&tmod=2040897003&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.wpflkwaiqizc&fsb=1&dtd=748
Frame ID: A2C402C7C98B98DC3B516782C3172DB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1689673336&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335261&bpp=28&bdt=892&idt=708&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2468301889196&frm=8&ife=4&pv=1&ga_vid=1078365856.1689673336&ga_sid=1689673336&ga_hid=1708366869&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1366830207&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826&oid=2&pvsid=2048057344609669&tmod=2040897003&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.a45ul0ye84lk&fsb=1&dtd=771
Frame ID: C36138F6F4C5D0848377763C3E2591B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1689673336&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335913&bpp=8&bdt=1345&idt=307&shv=r20230713&mjsv=m202307170101&ptt=9&saldr=aa&nras=1&correlator=2813576500077&frm=8&ife=4&pv=2&ga_vid=1638357825.1689673336&ga_sid=1689673336&ga_hid=1239706904&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3065304276&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31076162%2C31076187%2C44788441%2C44789818&oid=2&pvsid=1992270276722123&tmod=918775823&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.j0p9eqmrxvyf&fsb=1&dtd=410
Frame ID: 861945699FA5B7A443DEF33A31A14BC9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1689673336&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335913&bpp=3&bdt=1345&idt=324&shv=r20230713&mjsv=m202307170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2813576500077&frm=8&ife=4&pv=1&ga_vid=1638357825.1689673336&ga_sid=1689673336&ga_hid=1239706904&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3065304276&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31076162%2C31076187%2C44788441%2C44789818&oid=2&pvsid=1992270276722123&tmod=918775823&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ajuf6l8yddxf&fsb=1&dtd=529
Frame ID: 53979AA9948A0C904D9942024B5D8A55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5757CA7DD37A581BC876A912F9902412
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14053E7ABF620DED6781F4058A9FB937
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 82FEE18FB563B1F9812AF042701AA5E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 056729F4B33617EDD4AD0F2BC5891949
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

買新車「殺狗獻祭」　狗屍抹車身「灑黑狗血」保行車平安 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

311
Requests

90 %
HTTPS

0 %
IPv6

36
Domains

72
Subdomains

52
IPs

9
Countries

4313 kB
Transfer

12157 kB
Size

18
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.conselhosetruques.com/varios/spot-the-difference/
Title: Conselhos E Truques

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://mrwvhw.dmtrlsng.com/
Title: Carros à Venda | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://5minstory.com/pt-watermelontricks/
Title: 5minstory.com

Search URL Search Domain Scan URL

URL: https://1t5cbr.llsdzktnxwnnr.com/
Title: Carros elétricos | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://2ab710.zbrjtstrclnm.com/
Title: Liquidação de sofás | Links patrocinados

Search URL Search Domain Scan URL

URL: https://0c6fdd.llsdzktnxwnnr.com/
Title: Cuidado em casa | Links Patrocinados

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 55

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 58

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 139

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689673327&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673325204&bpp=86&bdt=1800&idt=1263&shv=r20230713&mjsv=m202307120102&ptt=5&saldr=sa&correlator=6029932449341&frm=23&ife=1&pv=2&ga_vid=1647915503.1689673327&ga_sid=1689673327&ga_hid=1696144311&ga_fc=0&ga_cid=amp-lxp_UTgOnmKoHP4JZNPyVg&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1578&biw=1600&bih=1200&isw=336&ish=280&ifk=4002382147&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31076087%2C31076133%2C44788442&oid=2&pvsid=3117553162672381&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fn0b4rq78oc&btvi=1&fsb=1&dtd=2133 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 152

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1689673327&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673325535&bpp=44&bdt=2218&idt=1439&shv=r20230713&mjsv=m202307130102&ptt=5&saldr=sa&correlator=6029932449341&frm=23&ife=1&pv=1&ga_vid=1613994276.1689673328&ga_sid=1689673328&ga_hid=1649413501&ga_fc=0&ga_cid=amp-lxp_UTgOnmKoHP4JZNPyVg&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3921500648&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31075850%2C31076134%2C44788442%2C44796827&oid=2&pvsid=4320294866366381&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.u01gijxezwyv&fsb=1&dtd=1978 HTTP 302
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Request Chain 160

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Request Chain 161

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0cACu0uDTP6Tk6c3WxtNcA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0cACu0uDTP6Tk6c3WxtNcA

Request Chain 162

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Request Chain 163

https://match.adsby.bidtheatre.com/rubiconmatch HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=913a00ac-e2b0-44a5-be70-3cbcb3d20dde

Request Chain 164

https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif HTTP 302
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=df3b4ae9-b574-4062-8115-f29b7228ffcf

Request Chain 166

https://p.rfihub.com/cm?in=1&pub=64 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336724221632517&expires=30

Request Chain 202

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 203

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 268

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 269

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

311 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html Show response
www.bg3.co/a/ 53 KB
16 KB 1435ms
912ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 520e3268ae5db11cef295f493721ed450e1d9666bc2d24235ef4e3b2837337de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 09:42:01 GMT
etag: "d3f4-0rLRxwPdnVbhrSHI5AszDS3USTw"
expires: Tue, 18 Jul 2023 09:57:01 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 308ms
91ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

c7957cb5d31c5fe5776a6265fb232b4e6d389e7640555fb4274e7d4e8b4169e5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 09:42:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72829
x-xss-protection: 0
server: sffe
etag: "8304488b317d967d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 09:42:02 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 358ms
141ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

7e9a0eee24552685c01e4a0226727549b596c7a3cce9250aea58bcfd2f628600

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 09:42:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9635
x-xss-protection: 0
server: sffe
etag: "7edd01788a8b5e8e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 09:42:02 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
7 KB 346ms
169ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

9b6759f743c5b103f7872b7f7d44d5a4da400665dadfbe42cadb58e83c75461c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 09:42:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7571
x-xss-protection: 0
server: sffe
etag: "8a2ece532cd27eac"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 09:42:02 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

210ms
71ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9288
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EiYIouon6M3MAgCnt4wFM8JI3vhnhiR3NCEET5Mx0JFdhcANoRgqNZxQM%2FVVM5Qclp5duDlexROtBgapg%2BNKYIMZqO1NqiD4tLTSbCl9TutrijlYKN%2FQ1U8fMFeH4uukvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e89c5bd9fb7489b-LIS

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 40 KB
11 KB 705ms
505ms Script
application/javascript 2.16.202.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-121.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 2cc0037e1a4737627c4c2c8f1a3a14398329c1ec88b76eb98c1357dc2359e1ca

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Tue, 18 Jul 2023 09:42:02 GMT
content-encoding: br
last-modified: Tue, 18 Jul 2023 07:00:25 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: PT
content-length: 10966
expires: Tue, 18 Jul 2023 10:42:02 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 629 KB
134 KB 326ms
106ms Script
application/javascript 23.53.40.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-242.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 5962135eb2e88f4889b9bf417b0ecebfee05ca1ed67211649ccf9f65a3d34d12

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Tue, 18 Jul 2023 09:42:02 GMT
content-encoding: br
last-modified: Mon, 17 Jul 2023 20:24:33 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=12, origin; dur=0, ak_p; desc="469353_389359854_517543041_1221_2272_42_0_-";dur=1
x-cf-geodata: PT
content-length: 137160
expires: Tue, 18 Jul 2023 10:42:02 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 273 KB
45 KB 742ms
639ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4833c55f15f0f887c178e35b9582fd2e22ef417ee206e7c81af346ba4f4f0a9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: _QVg4WtIzpbPvUe_MXTDAvPK8_y41rzR
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:02 GMT
x-amz-request-id: E92N6TK0S54Z31ZH
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: FAILED
content-length: 45195
x-amz-id-2: 2/ofzO5iIHqR/GFYAZxf9MneSCKzarMslXPMnL8azWJXL3Hs4+H5Kv5t27AVsP1UPvS+xoRFbnY=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:53:27 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673322.377588,VS0,VE582
etag: "4738d3e13285a1aa2b6bd324223920f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 78 KB
17 KB 1190ms
551ms Script
text/javascript 13.114.150.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.114.150.222 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-114-150-222.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3d860ba6769f8f51f4f456a8746bc51d24333fb72f50b69e6dfb80b239f7f22f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET 16e13167ef5fb6653a9690eb7330820f.jpg
static.bg3.co/imgs/202105/ 0
0

GET 5b74d4a4edd55797af9096fd1258efc2.jpg
static.bg3.co/imgs/202201/ 0
0

GET edce7d91255a0c3e264393d73a6608d0.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7ef474d0efd277a8eda6b7b7fd5aaf45.jpg
static.bg3.co/imgs/202203/ 0
0

GET 46b68dbdfa5d9e8ac31dac2eceda873b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 41081485efbf02a4e47f3a8069256678.jpg
static.bg3.co/imgs/202105/ 0
0

GET 3b5ef5f186da2165771f211fa87688a7.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1a39184c5bc4efb9c8b41207f4702994.jpg
static.bg3.co/imgs/202107/ 0
0

GET 56a4fc859e17f15c3e1c5b62f69475a9.jpg
static.bg3.co/imgs/202105/ 0
0

GET c6ee0e5a1e78dd85dd8957906f01b836.jpg
static.bg3.co/imgs/202105/ 0
0

GET 2f3bc35b415ec3352a8b1a9823425336.jpg
static.bg3.co/imgs/202105/ 0
0

GET 0058612b87888cce9b44acce649ef960.jpg
static.bg3.co/imgs/202205/ 0
0

GET 2268997d83891daa8e6c49265fd3033c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 742aef3f788db837fb2cdb5fc7d000dd.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7ebdad95f85c484b25bfbeaab18f9193.jpg
static.bg3.co/imgs/202105/ 0
0

GET f5442d4cb7e33006808c3fe7c1b6b946.jpg
static.bg3.co/imgs/202105/ 0
0

GET 9e2e6e204892f4a5d13c61ccb52bc35c.jpg
static.bg3.co/imgs/202105/ 0
0

GET f4e9062126afded7623ed5249d1790fa.jpg
static.bg3.co/imgs/202105/ 0
0

GET 1f46bc152018d2ec8745b3535d1ebfba.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012306301917000/v0/ 8 KB
3 KB 306ms
131ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

690964dc7677739af15182f897b06197652f5c4a99510925314f7ec1e7886f5a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Jul 2023 18:15:42 GMT
age: 55581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2967
x-xss-protection: 0
server: sffe
etag: "2eebb9df52d58e90"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Jul 2024 18:15:42 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012306301917000/v0/ 82 KB
23 KB 270ms
137ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

74d147083935eff827ac2e4ed54fc2e7dd254cab52095a0e4aa6159d8ffb470f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 15:33:30 GMT
age: 497313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23131
x-xss-protection: 0
server: sffe
etag: "5bdd4272a04c205e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 15:33:30 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 5 KB
877 B 426ms
153ms Fetch
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0469a166341589dcdcce75a1ca717f923f264d964802e4211d6396a8c38bc5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 529
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012306301917000/v0/ 12 KB
4 KB 261ms
128ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

10183d5a68f7bc154fc847bf06ffa7eab682922e435794c3581717d749242113

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 15:33:21 GMT
age: 497322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "a2a3ce515b89db02"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 15:33:21 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 371ms
152ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1689673323.cdn4-pxy210-mad02.ma1.evs,1689673323.cds208.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 289ms
80ms Script
application/javascript 69.16.175.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: tlb.hwcdn.net
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
surrogate-control: max-age=315360000;hw-h2proxy
vary: Accept-Encoding
x-hw: 1689673323.cdn4-pxy210-mad02.ma1.evs,1689673323.cds035.ma1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000,public
accept-ranges: bytes
content-length: 29880

GET
H2 200 impl.20230717-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 789 KB
164 KB 109ms
44ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 01afc9d74eca107f9dba9bc329542d6c54ac97538196b2f38d8c5593f3180598

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .o5Ecr3somWvqj4MmaJOYKYouEiMDf7S
content-encoding: br
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:03 GMT
x-amz-request-id: XKA19V68P22R5EWK
age: 2491
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167118
x-amz-id-2: fhCVko8QdP5oL1/+9fkS3IT0BmUh9Lw+XXa4MApSN+cx2Ciuq/s66gXSfclYdKw0qWMtRnYNx60=
x-served-by: cache-lis1490043-LIS
last-modified: Mon, 17 Jul 2023 09:00:31 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673323.244899,VS0,VE0
etag: "723dd2d6c91cace3c6a7e2e126a625db"
vary: Accept-Encoding
content-type: application/javascript
abp: 40
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1631

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
617 B 103ms
94ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9287
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXvPY1gHKq%2FWH1IO7X3AhaGl7gXctNOEvJA%2BZ7665gGFRZtdTyFFGXIKmZisDibBy92Z4KOubPG2jMCVba43A9OAvbbX0gFstv%2FpVa78Lp6WfNoQ0wURxG8PM6HuHUbBvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e89c5beb8b4489b-LIS

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 659ms
144ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2d03cf7a30869074694017384f91d778711d030d3b18914bc24183626e904ab2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:03 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 613ms
146ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2d03cf7a30869074694017384f91d778711d030d3b18914bc24183626e904ab2

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:03 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 525ms
221ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.1682903352229932&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:03 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 520ms
223ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.49636817989666815&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:03 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012306301917000/v0/ 40 KB
10 KB 84ms
83ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0e6b5bbca42157b97d47e0c70980d08d309762466caf6a0dcb8822a60580ca2a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 15:33:34 GMT
age: 497309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10342
x-xss-protection: 0
server: sffe
etag: "1541930e4a2c142a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 15:33:34 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 371 KB
101 KB 287ms
98ms Script
application/javascript 23.53.40.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-242.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: bca22b8906a0fcf316d42d0a0e41aa2291afce21ba6c8e41b7c5e6e6da0d480c

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: br
last-modified: Fri, 02 Jun 2023 14:36:08 GMT
server: nginx/1.18.0
etag: W/"6479fe58-5cb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=9, origin; dur=0, ak_p; desc="469353_389359854_517545658_942_1851_40_0_-";dur=1
content-length: 102722
expires: Wed, 17 Jul 2024 09:42:03 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
579 B 103ms
97ms Script
application/javascript 23.53.40.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-242.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="469353_389359854_517545663_556_1592_40_0_-";dur=1
content-length: 211
expires: Wed, 17 Jul 2024 09:42:03 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 226ms
223ms Script
application/javascript 23.53.40.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-242.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Tue, 18 Jul 2023 09:42:03 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=15, origin; dur=0, ak_p; desc="469353_389359854_517545662_1486_1491_40_0_-";dur=1
content-length: 18371
expires: Tue, 18 Jul 2023 10:42:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 458ms
192ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1f62002f80dafa3a5e9cae8792c5500d0fb847f479752fa3f1eb2607495f7901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28006
x-xss-protection: 0
server: cafe
etag: 313 / 19556 / 31076055 / config-hash: 2841643792367511638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:04 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 352ms
87ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2ODk2NzMzMjM3NzcsInBhY2tldElkIjoiMDAwMEE3MDEtOGEyNzQ4YjgtZjg1MS00Yjk3LWIzM2QtNjdhMWJkZmRiMDNkIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL21haS14aW4tY2hlLXNoYS1nb3UteGlhbi1qaS1nb3Utc2hpLW1vLWNoZS1zaGVuLXNhLWhlaS1nb3UteGllLWJhby14aW5nLWNoZS1waW5nLWFuLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IlBUIn0%3D&c_b=3023
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:04 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 353ms
88ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:04 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012306301917000/v0/ 215 KB
57 KB 81ms
80ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

d5656ba3004db4c16838167fc60c65845406d9c28331483afc80840a1f07acf8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 15:33:30 GMT
age: 497313
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58110
x-xss-protection: 0
server: sffe
etag: "fbe9014bc2216cdf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 15:33:30 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 357ms
92ms Script
text/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/javascript
date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
602 B 562ms
301ms Script
text/plain 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4OTY3MzMyM18wX2Q0YjY5Yzc4ZjUzOA%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-96.ams1.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 09:42:04 GMT
Via: 1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: AMS1-P2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: r3QTrVnQUXCE4c07BKonN7VQCpDxlqArncLf9ELqXsl0atM-slMnrQ==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 100ms
99ms Image
image/jpeg 2.16.202.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1689673323820
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-121.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Tue, 18 Jul 2023 09:42:03 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Tue, 18 Jul 2023 10:42:03 GMT

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
8 KB 347ms
111ms Script
application/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f14.1e100.net

Software

ESF /

Resource Hash

e1a56d876538cdf66ae578f226857855caa19e371e0f4eb0cadee535206f5fe5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7EnSCKOhlu_dg4fsGh7xOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7EnSCKOhlu_dg4fsGh7xOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 264ms
85ms Script
text/javascript 178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 234723
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 91 KB
22 KB 499ms
491ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=09%3A42%3A03.926&lti=deflated&data=%7B%22id%22%3A271%2C%22ii%22%3A%22%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1689670403821%2C%22vi%22%3A1689673323916%2C%22cv%22%3A%2220230717-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html%22%2C%22vpi%22%3A%22%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3246%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1273.796875%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 692b334fbff1c2f43bbd07c46f2ec5fc6ea19346adf9885c41ce6d0e48b5d251

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 444
date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 98935
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490043-LIS
server: nginx
x-timer: S1689673324.958535,VS0,VE444
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame DEB0 714 B
779 B 58ms
55ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 9237
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7e89c5c3990a48a9-LIS
content-encoding: br
content-type: text/html
date: Tue, 18 Jul 2023 09:42:04 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQAWtXIKtMihZTPQpsC8Pc04bHz%2BY48JR3SlZv1PHNGTKmywgwhepAQF7ko6n4sCNVeYSxWlYSR6qZcaVQPi5%2BoudMaVWJNGB42PT%2BguAgxaTsqUVlbUpVGyR6%2BIriLORQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame C0D1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

349ms
106ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 09:42:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 18 Jul 2023 09:42:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 512ms
196ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame F107 714 B
745 B 53ms
49ms Document
text/html 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

access-control-allow-credentials: true
age: 9237
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7e89c5c3b92648a9-LIS
content-encoding: br
content-type: text/html
date: Tue, 18 Jul 2023 09:42:04 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GKc%2BwdtlybBhikIbuf7Xyf%2BfULkTbVir1yMUJCxGyGr8vWokhA3WP6MvNW6MLghpPlA7LwnVjbZqWYpvmAEHdv2L8dUpiMmBuSnk6%2FTovqN%2FqusAHElENH3QX95z%2FhXBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame A3DE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

330ms
87ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 09:42:04 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 18 Jul 2023 09:42:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 7485 92 KB
32 KB 363ms
196ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b065acdf513599d47661cb09ebad8758310db063a785c16b3401c083436c6c05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32780
x-xss-protection: 0
server: cafe
etag: 5151484391971335133
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:04 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame D0BD 92 KB
32 KB 262ms
125ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b7516493a830098b2e7835ec2a3f1696be0447d28a5be516c0f005eb20f4d7cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32772
x-xss-protection: 0
server: cafe
etag: 8800549756399902903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:04 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 311ms
92ms Script
application/javascript 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 25 Jul 2023 09:42:04 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012306301917000/v0/ 110 KB
31 KB 88ms
85ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

90749ff55eef5ddcfb2a33f1844851df55d8dd94e11459574592b980378c1ff8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 15:33:30 GMT
age: 497314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32124
x-xss-protection: 0
server: sffe
etag: "decfd95af2b74263"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 15:33:30 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
479 B 306ms
95ms Fetch
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-18319306701138821320.ampproject.net/2306301917000/ 0
0 340ms
112ms Other
text/html 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-18319306701138821320.ampproject.net/2306301917000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f3.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DEB0 81 KB
27 KB 155ms
154ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

abeb202ca0eb08d7c9190ea9edc89ea1a192c0b6a8516ed056c38d0ace783b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27628
x-xss-protection: 0
server: cafe
etag: 889 / 19556 / 31076056 / config-hash: 2841643792367511638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:04 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F107 81 KB
27 KB 188ms
188ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

7bf169808c7dca78ab9148d52fb3fd8aeccb95f9685289053bb848b058d16c3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27658
x-xss-protection: 0
server: cafe
etag: 379 / 19556 / m202307110101 / config-hash: 2841643792367511638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:04 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 92ms
90ms Script
application/javascript 2.23.209.46
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.209.46 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-23-209-46.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Tue, 18 Jul 2023 09:42:04 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 8C9B 495 B
665 B 945ms
302ms Document
text/html 54.249.104.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.104.171 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Tue, 18 Jul 2023 09:42:05 GMT
etag: "64b63889-1ef"
last-modified: Tue, 18 Jul 2023 07:00:25 GMT
server: nginx

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ 391 KB
125 KB 116ms
73ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 01:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30854
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 10618836103773446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 17 Jul 2024 01:07:50 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012306301917000/v0/analytics-vendors/ 2 KB
812 B 149ms
83ms Fetch
application/json 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 15:33:28 GMT
age: 497316
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "707e438c9747f86f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 15:33:28 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 298ms
74ms Fetch
application/json 172.64.136.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.136.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8832
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 18 Jul 2023 07:14:52 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4Ei8qTRgEiAik%2BndPe%2FO%2BBejGZ3r%2Fsay2%2FNzqNlaS2XfcfQabYaMK%2BQ7TfEW0Teh%2FQKg4k1XRkf7U8hjHuKMnHa2tMffyfSW3lKvrAYkEqedMhHTYevyyaud3v7zFqAxwfrrOwCwM9VGbpiew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7e89c5c838cb2fa3-MAD

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012306301917000/v0/analytics-vendors/ 3 KB
956 B 110ms
82ms Fetch
application/json 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012306301917000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 12 Jul 2023 15:33:22 GMT
age: 497322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "59941a1a09d8d63d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 11 Jul 2024 15:33:22 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/ Frame DEB0 391 KB
125 KB 82ms
82ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 02:43:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25133
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 11165969021637306507
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 17 Jul 2024 02:43:11 GMT

GET
H2 200 em-different-fonts.js Show response
cdn.taboola.com/ui-ab-tests/em-different-fonts/ 1 KB
817 B 46ms
45ms Script
application/x-javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b751c7ef24b8a91a3ed44c775ad011332e5b399eb0faa4a3da5b15fa99e70ef4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: ZFH2xT9TTaJCMKjfJd0ldRMjn_sFmXns
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: F3TAQ8PG271KM4N5
age: 8020
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 442
x-amz-id-2: qlxEH5ouL+acpBBiBaI8MG6A0RoF10iMdZA1kSG7WkAIPsBmJ6SH59TlFeFH2A6HWKoD+t+DHBo=
x-served-by: cache-lis1490043-LIS
last-modified: Sun, 16 Jul 2023 07:13:22 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.686219,VS0,VE0
etag: "0806ac1d94e71882cf3f9d9346a84e34"
vary: Accept-Encoding
content-type: application/x-javascript
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 227

GET
H2 200 em-different-fonts.css
cdn.taboola.com/ui-ab-tests/em-different-fonts/ 913 B
536 B 45ms
45ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/ui-ab-tests/em-different-fonts/em-different-fonts.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bc5c1253bf61376d888d0f55afd4630abb3ffc8ee3c0b6be00e16585c172316

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: b62wsEWBDKoR3E0QKoanFmDggbR7M3Ux
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: F3T0J8BMZRZ1B5YM
age: 8018
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 211
x-amz-id-2: hQK2f2G6VARnMOH+cxzocgUAYvKrP5y2v63IYyhgEPcfxUvckpy01TB1yNKVL/qCu38J6HBdQeA=
x-served-by: cache-lis1490043-LIS
last-modified: Sun, 16 Jul 2023 07:13:21 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.687337,VS0,VE0
etag: "362ce594aa61943453f696ced5022101"
vary: Accept-Encoding
content-type: text/css
abp: 18
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 233

GET
H2 200 floating-unit.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 46ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 064622a2cb814cda1595c65e6747736773aae930ee40afcfcabb0fa729a632e1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: QtI8eqGtCFE2PfJtm41dapZ0ytaHx1Uy
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: 9G2Y99PNR09QAWF1
age: 3013
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2473
x-amz-id-2: cIge/nilPpKFUz+Yymo1bJ7GyCqDh1IZhdo1NZd23ogSdTr+6/GCiRe5alnBOoc8K2p5GliJfJw=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:51:51 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.695703,VS0,VE0
etag: "f3b729ca7830a63865f9137f7d12edaa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 291

GET
H2 200 taboola-vignette-new-scanning.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 46ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3dc4250b258106839b24e88e25a3fb976674b95d467b7add6761dfba6eb14c4a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3_zm3JD1TLF4_JU5kdnaHAV4Xek0vWAE
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: 9CJ2RHXH8PDM7X89
age: 2996
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8011
x-amz-id-2: swAIelCQn2ExZfvyPAa6LhKXl6J7OOrhI0TJeBrG38zzy0g5+BJYPwZfEGcoT9dH0s01fYIvp0M=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:52:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.697624,VS0,VE0
etag: "a8e489c71975cdf8a52e56ebdac11b59"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 254

GET
H2 200 distance-from-article.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b54317c30226c1f7f8dcdce527c10de0989837ccab76570cdb49db7c9a0d5845

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: oW5BqAPFu1Jbs6QzC9Iah8RLzR_7ye8A
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: EGX6BJSEJ996PQM0
age: 3023
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1135
x-amz-id-2: yFlG3MDpL7Ticd9y8tYoV31OHROgOkbkdVlgkbhLlC9uE9nnV4GiS2D5qhQL+Qx3FnZzSorCj6M=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:51:42 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.713696,VS0,VE0
etag: "33426dfec50786874a64372825017549"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1800

GET
H2 200 article-detection.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1100c82f6a65084db37c7d6ec16c37136199b898bdac3bf0522841cdbfdf6ebb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wBebXGEzrzCNZW4RtjSKI5sTYbxmn0_x
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: HJCMFSZAT68138Y8
age: 3030
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1270
x-amz-id-2: ruOLefkWpU9E71vkl5n5u/rMQckhIfg77h6NnBeJbja4bmK8XVMZFEdxHP0KAkT/wxDFppY+Fls=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:51:35 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.714662,VS0,VE0
etag: "e7752a5b82859f82758fdc840fc8607e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 59
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1810

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.1.0/ 124 KB
35 KB 82ms
81ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ceebf892c9a6b44db2158869110bb36e2ea529b4630fac1003e0626996db10

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:04 GMT
via: 1.1 b1d2f89f3441d5c7e661028fba49a636.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 174415
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35310
x-served-by: cache-lis1490043-LIS
last-modified: Sun, 16 Jul 2023 09:14:19 GMT
server: AmazonS3
x-timer: S1689673325.721660,VS0,VE0
etag: "39118222999740332a2de1a48bf2f402"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: pwuh85-Sj73lBViK4ADdnkVDy3AAW8tS3GADg7RE6_lUF4YbzQ9b1g==
x-cache-hits: 439

GET
H2 200 feed-card-placeholder.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 88ms
87ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb7427fcba6d2ea8377b45f697df70ebd883ca592f178e3cc0a69a89ec9485da

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: d4HnG9wM6wmgaLsCY00dgll7dgUNXYaF
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: 2K240C66G33CAZNJ
age: 3018
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1261
x-amz-id-2: JUGmNQRl4BrcE6thN2OrMfnAj7lhqDPonVjMAzwQPGAgx9dXVdaZKbJxAMTUbFIGgn3NduIeD7A=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:51:46 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.723869,VS0,VE0
etag: "a111411c9b16d1ff59fbef475b940a8c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 74
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1295

GET
H2 200 userx.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 59ms
56ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36eb7db7a1ae79db82ff786cbcbbacfdd7057c144f85e4927ab6d93fc01c13d3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: F0Mtw_W.r2To53_TuZXRC5zGYHfUTQHh
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: F69P57D1YAHD2N86
age: 2991
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: 8jvLIIVc3UuOJgeHkdFrASZhqfupPMfEF2hwonhRnfEaTY7P4fm/vyiW9veeigafxR7C8oAMBj8=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:52:14 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.757307,VS0,VE0
etag: "f7c65cd5453e664e7a6c229354b363ed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 514

GET
H2 200 explore-more.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 55ms
54ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0681b7df71cbec317e983cfe7ee669cb93e3bbfa8001c56d74fba078f70e2d5b

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fXilSXz1eZYJNvOpEGQ541ayWJ0LuJqG
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:04 GMT
x-amz-request-id: 6FDDFS58F2TRHEJR
age: 3020
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8777
x-amz-id-2: GDZf/d/vBCBzYXqraGom1RhP4pJFQAq9NwtL3ybibxqXOYcb4k/BwJFi/je6RishqbSviUsh5dU=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:51:45 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.893201,VS0,VE0
etag: "37a2d57f5896ee4c80d7d2a5656c6e2a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 12
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 814

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 457ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=09%3A42%3A04.671&id=4593&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 471ms
147ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1689673324673%7D&tim=09%3A42%3A04.674&id=1171&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 464ms
140ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1689673324684%7D&tim=09%3A42%3A04.684&id=9678&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 491ms
167ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A42%3A04.844&id=2161&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 453ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A42%3A04.897&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=3203&cv=20230717-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85857

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 455ms
132ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A42%3A04.913&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=8969&cv=20230717-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85857

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 256ms
135ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A42%3A04.938&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=8507&cv=20230717-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85826

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 258ms
141ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A42%3A04.948&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7305&cv=20230717-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85826

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 259ms
143ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A42%3A04.966&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4869&cv=20230717-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 85826

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 45ms
45ms Image
image/svg+xml 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:05 GMT
x-amz-request-id: 8R6Y8MF83F4SX453
age: 76
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: y2mfqW0zNaVKBEwFw8dY+fcbOjSB9dkUju7ClvLvpp+A82nlMU2QeiiPhh7eMjog9LKHLsuhxI8=
x-served-by: cache-lis1490043-LIS
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673325.002989,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 82
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 36

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ Frame D0BD 357 KB
123 KB 186ms
170ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

bc45774beb951bd61e0281013afc3619583f9e59b00f47f709fcd06b82fa70eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125684
x-xss-protection: 0
server: cafe
etag: 7376707936391099776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:05 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
171 B 483ms
286ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H5M61PT4NBWRTR3JQ3DMXN9J
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A3DE 34 KB
10 KB 211ms
102ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d16b7e791947e153bd624220a710934e78b687ddb2ff2315adf78da32a953431

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 01:54:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=58316
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 01:54:01 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C0D1 34 KB
10 KB 144ms
100ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d16b7e791947e153bd624220a710934e78b687ddb2ff2315adf78da32a953431

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:05 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 01:54:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=58316
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 01:54:01 GMT

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1080%2Cw_1440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 152 KB
153 KB 141ms
95ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1080%2Cw_1440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e51089d22c99aa4d9196e60c2d527a2352b8a139fb3ca86e89cc9fa2c1b7a36

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1080%2Cw_1440%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 1128530
edge-cache-tag: 628131638865840138074933382416259481994,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 837
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tipsenweetjes.nl/
content-length: 156108
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100091-IAD, cache-iad-kiad7000157-IAD, cache-lga21960-LGA, cache-iad-kjyo7100135-IAD, cache-lis1490043-LIS
last-modified: Tue, 06 Jun 2023 18:27:33 GMT
server: nginx
x-timer: S1689673326.599361,VS0,VE1
etag: "4c60e174c5d98ad4dabb9f240af990d7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 2, 1

GET
H2 200 5bd1b2035631f99bd2edfaadf243afd6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 96 KB
97 KB 137ms
91ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bd1b2035631f99bd2edfaadf243afd6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 311d28a7744f147d36746147ac2b7c091f1efe1992ec61160fff9f6ce3a7b30e

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bd1b2035631f99bd2edfaadf243afd6.jpg
age: 319675
edge-cache-tag: 356312433787861980264249462799846831266,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356312433787861980264249462799846831266,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1246
req-referer: https://www.chedonna.it/2023/07/13/abito-estate-giulia-de-lellis-2023/
content-length: 98792
x-request-id: 11a60190a04e4995d6aabfe82740e8a4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200051-IAD, cache-iad-kcgs7200082-IAD, cache-chi-kigq8000077-CHI, cache-iad-kiad7000139-IAD, cache-lis1490043-LIS
last-modified: Fri, 14 Jul 2023 12:10:09 GMT
server: nginx
x-timer: S1689673326.599067,VS0,VE1
etag: "92f66d551f94b9005d33205ad5bc96ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 1

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 92ms
46ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f76a147cbe130718d6c2e85d94d52d1e9334b6539b63ba1e5a25975d99ea8db3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 4991800
edge-cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 97
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.meiahora.com.br/
content-length: 30336
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kjyo7100157-IAD, cache-chi-klot8100044-CHI, cache-iad-kcgs7200143-IAD, cache-lis1490043-LIS
last-modified: Thu, 11 May 2023 21:24:54 GMT
server: nginx
x-timer: S1689673326.599339,VS0,VE0
etag: "060ac8b01c387c8b35efce55351b6933"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 739, 7

GET
H2 200 23c1de97514e93799b30e1ac710535f3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 112ms
66ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23c1de97514e93799b30e1ac710535f3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85bc8c2064c97cb08fd7e7a287e0d472c13a0d2a58a8b324064ce9b441a07f4f

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23c1de97514e93799b30e1ac710535f3.jpg
age: 667389
edge-cache-tag: 361270766881685655910580872308822735840,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 361270766881685655910580872308822735840,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 71
req-referer: https://misteriosdomundo.org/
content-length: 18570
x-request-id: b95ee7804a5951d43ee43a000b1b58ac
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000138-IAD, cache-lax10650-LGB, cache-iad-kiad7000110-IAD, cache-lis1490043-LIS
last-modified: Mon, 10 Jul 2023 16:02:09 GMT
server: nginx
x-timer: S1689673326.599070,VS0,VE1
etag: "79089aaf16ea606381d9bba097a2f5a5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 5, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 60 KB
60 KB 111ms
75ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 2407250
edge-cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 312
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.gazzetta.it/
content-length: 61196
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000166-IAD, cache-iad-kcgs7200088-IAD, cache-lga21939-LGA, cache-iad-kcgs7200146-IAD, cache-lis1490043-LIS
last-modified: Tue, 06 Jun 2023 14:49:00 GMT
server: nginx
x-timer: S1689673326.599365,VS0,VE1
etag: "41f70f4e09383f37d26f3a047e8d7fbc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 873, 1

GET
H2 200 9067458821bd75560fe23f90aaac44c6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 84ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6692d8a5a14b43ea79f4f2c831f0efacf19cdc9915516dc0a4d883457ce89cb4

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9067458821bd75560fe23f90aaac44c6.jpeg
age: 3450060
edge-cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 551890399620475095705372564126400574950,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 245
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://lols.pl/
content-length: 29070
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100022-IAD, cache-iad-kjyo7100047-IAD, cache-sna10727-LGB, cache-iad-kjyo7100126-IAD, cache-lis1490043-LIS
last-modified: Thu, 11 May 2023 17:18:15 GMT
server: nginx
x-timer: S1689673326.599603,VS0,VE0
etag: "a53f6d7809d0e19242af07577ede08e7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 332, 21

GET
H2 200 homecare.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/WGW8bSN/ 12 KB
12 KB 102ms
62ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/WGW8bSN/homecare.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 220b8755839d4a62c052b987d8ed0cc7061d3eed236ef0a959a41745cfbca5a1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//i.ibb.co/WGW8bSN/homecare.jpg
age: 2268977
edge-cache-tag: 371782523217464828271078446523630643155,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 371782523217464828271078446523630643155,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 871
req-referer: https://www.express.co.uk/
content-length: 11910
x-request-id: 62d154266a7978b4232500ba4065e93b
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000072-IAD, cache-iad-kcgs7200025-IAD, cache-chi-kigq8000150-CHI, cache-iad-kjyo7100068-IAD, cache-lis1490043-LIS
last-modified: Tue, 20 Jun 2023 17:47:28 GMT
server: nginx
x-timer: S1689673326.697217,VS0,VE0
etag: "73cd37454d57079f6a6f1edc3b43298b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 12, 3

GET
H2 200 5bd1b2035631f99bd2edfaadf243afd6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 107 KB
108 KB 81ms
61ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bd1b2035631f99bd2edfaadf243afd6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef74bcb1232541f20d664d9aaa42000fefdf195a3698d18182bc3c1048b8ebeb

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bd1b2035631f99bd2edfaadf243afd6.jpg
age: 322183
edge-cache-tag: 356312433787861980264249462799846831266,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356312433787861980264249462799846831266,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1410
req-referer: https://paperela.com/
content-length: 109802
x-request-id: 05a7f09220f750a81233ed8ed8ccea7c
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200125-IAD, cache-iad-kjyo7100038-IAD, cache-lga21920-LGA, cache-iad-kiad7000109-IAD, cache-lis1490043-LIS
last-modified: Fri, 14 Jul 2023 12:10:09 GMT
server: nginx
x-timer: S1689673326.703337,VS0,VE1
etag: "f9b3eb7ef8402bb85647296037b2a90b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 9, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 69 KB
70 KB 86ms
67ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 2742216
edge-cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 399
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.sueddeutsche.de/
content-length: 70920
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000033-IAD, cache-iad-kjyo7100036-IAD, cache-sna10723-LGB, cache-iad-kiad7000022-IAD, cache-lis1490043-LIS
last-modified: Tue, 06 Jun 2023 13:58:16 GMT
server: nginx
x-timer: S1689673326.706063,VS0,VE1
etag: "1c90d421946f35c8a49a65461da750a1"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 0, 797, 1

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 98 KB
99 KB 82ms
74ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ba2a5f2d74cd9941d09d0da725f620af02aabea20a8f489391240df67552615

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 1372610
edge-cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 259
expiration: expiry-date="Sat, 15 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.revistafama.com/
content-length: 100368
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200027-IAD, cache-iad-kjyo7100157-IAD, cache-lax10659-LGB, cache-iad-kcgs7200138-IAD, cache-lis1490043-LIS
last-modified: Wed, 14 Jun 2023 18:12:36 GMT
server: nginx
x-timer: S1689673326.708832,VS0,VE1
etag: "060ac8b01c387c8b35efce55351b6933"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 126, 1

GET
H2 200 23c1de97514e93799b30e1ac710535f3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 40 KB
41 KB 77ms
64ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23c1de97514e93799b30e1ac710535f3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b29b68988feff019de3d41852456ce8d2e0b55a09d5cc350cfe9ac7e1bc3b26a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:05 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/23c1de97514e93799b30e1ac710535f3.jpg
age: 667390
edge-cache-tag: 361270766881685655910580872308822735840,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 361270766881685655910580872308822735840,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 324
req-referer: https://buzzvip.pt/
content-length: 41234
x-request-id: b95ee7804a5951d43ee43a000b1b58ac
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000139-IAD, cache-iad-kiad7000138-IAD, cache-lga21972-LGA, cache-iad-kcgs7200065-IAD, cache-lis1490043-LIS
last-modified: Mon, 10 Jul 2023 16:02:09 GMT
server: nginx
x-timer: S1689673326.727199,VS0,VE1
etag: "79089aaf16ea606381d9bba097a2f5a5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 1

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/ Frame 7485 359 KB
123 KB 206ms
205ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2b0e93786481f17c19375c1d144311330f37905a8471af93dccb746be3e7c92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126140
x-xss-protection: 0
server: cafe
etag: 5413073604996925192
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:05 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ Frame F107 391 KB
125 KB 78ms
77ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1254
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 10618836103773446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 17 Jul 2024 09:21:11 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 315ms
89ms Script
application/javascript 18.66.97.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-52.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:17:16 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1491
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: X5NjiCgz-0Jfvc6U7D643epPqof95qkpxBqKFH1h96dUVK28kppj-A==

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 8C9B 0
268 B 319ms
319ms Script
text/plain 54.249.104.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.249.104.171 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:06 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 564ms
193ms Fetch
application/json 3.233.145.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-145-251.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jul 2023 09:42:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvbWFpLXhpbi1jaGUtc2hhLWdvdS14aWFuLWppLWdvdS1zaGktbW8tY2hlLXNoZW4tc2EtaGVpLWdvdS14aWUtYmFvLXhpbmctY2hlLXBpbmctYW4uaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
870 B 236ms
236ms XHR
text/html 23.53.40.242
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvbWFpLXhpbi1jaGUtc2hhLWdvdS14aWFuLWppLWdvdS1zaGktbW8tY2hlLXNoZW4tc2EtaGVpLWdvdS14aWUtYmFvLXhpbmctY2hlLXBpbmctYW4uaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.40.242 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-40-242.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: PT
date: Tue, 18 Jul 2023 09:42:06 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=13, origin; dur=124, ak_p; desc="469353_389359854_517550975_13737_1926_42_0_-";dur=1
content-length: 555
expires: Tue, 18 Jul 2023 10:42:06 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame A3DE 284 B
536 B 395ms
99ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame C0D1 284 B
536 B 388ms
104ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 320ms
104ms Fetch
application/json 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Tue, 18 Jul 2023 09:42:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 next-up-widget.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 48ms
47ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5598d6ff50f77584df138197b258d8f0c8ed1133a1ee872014d3db224effe852

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OrcVkenzBxgT5yd9IpEqtKJ33iptyscp
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:06 GMT
x-amz-request-id: GRK6CC0RNBAMGY02
age: 3011
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: jx6ZoojjBPFLwleHA5ZlGQhnmqEEemH+RPOqJ6b553QIEye77RF06K9bTQqemakoImHFQSGvvms=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:51:54 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673327.532182,VS0,VE0
etag: "47e6bb9fee72905703c44dc21b483513"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 286

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 132ms
131ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A4323%7D%22%2C%22eventTime%22%3A1689673326517%7D&tim=09%3A42%3A06.517&id=240&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 147ms
146ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22304.796875%22%2C%22eventTime%22%3A1689673326566%7D&tim=09%3A42%3A06.566&id=4697&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 131ms
130ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A42%3A06.616&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9819&cv=20230717-4-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 90533

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 335ms
100ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 09:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:26:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 09:42:06 GMT

GET
H2 200 spa-detector.20230717-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 60ms
60ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230717-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 060dbeeec45d3877f648acff05e866d0fe3bee5347a9e107db6aba41426a61cf

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: drUDmZXDYi1Iq4loOJMgHMOma4BH8KPz
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:06 GMT
x-amz-request-id: 18G1PPS3PN451NQV
age: 3006
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 810
x-amz-id-2: 7eQJzJsLQYpZReEnN58IGdvNU1iqYPoACFD3u3+uuuUaW/ZWnrU7k/1vRvZc1jNLZ4X2W1x8VGw=
x-served-by: cache-lis1490043-LIS
last-modified: Tue, 18 Jul 2023 08:52:01 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689673327.814105,VS0,VE0
etag: "0467062c4cde3a73f6ab5787ec357912"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 83
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 834

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 134ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A42%3A06.618&id=6530&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 134ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1689673326743%7D&tim=09%3A42%3A06.743&id=1241&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 135ms
134ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A42%3A06.782&id=2269&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 134ms
133ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=b710ef91e553eaac33a516c17d0b75b8&sd=v2_70001663fb5575c68f9751daac7e51c6_18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec_1689673324_1689673324_CNawjgYQ2YJdGIyrg8OWMSABKAEwswE4hNQMQOfWDEjS8NgDUP___________wFYAGAAaLGv6bXK_ffOrQFwAA&ui=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&pi=/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&wi=-3490375990920042684&pt=text&vi=1689673323916&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1689673326789%7D&tim=09%3A42%3A06.789&id=8769&llvl=2&cv=20230717-4-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
363 B 220ms
219ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 120
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 103187
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490043-LIS
pragma: no-cache
server: nginx
x-timer: S1689673327.927191,VS0,VE120
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 18 Jul 2023 09:42:06 GMT
x-amz-request-id: 2QTT4DE5AQFM88XF
age: 467
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: dMpQEqvpkPUA1yI5WlgLWI6aQfPUJsjmB2fSziQmvtojBztCAzUgZKiq9ChhsF8Gs3NDPvc2z0Y=
x-served-by: cache-lis1490043-LIS
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1689673327.988210,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 44
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 930

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DEB0 492 B
264 B 127ms
125ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2456436762176039&correlator=1092698962356006&eid=31076056&output=ldjh&gdfp_req=1&vrg=202307120101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1689673327052&lmt=1644386353&dlt=1689673324194&idt=2044&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=pct8e91sv6c5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1271066196.1689673327&ga_sid=1689673327&ga_hid=1805706882&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

6ad596ed16a501242fa0fdf511aab6298ab68b9412ed830a27a795455e79a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DEB0 15 KB
12 KB 148ms
147ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

2125a0368b75a7586c5106cbcc2411e82ea97e5177841cfed169c004223f1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11891
x-xss-protection: 0

GET
H2 200 container.html Show response
0a9c77ec73b57b67966354804facfdfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D232 6 KB
3 KB 297ms
84ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a9c77ec73b57b67966354804facfdfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:07 GMT
expires: Wed, 17 Jul 2024 09:42:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 8131 422 B
344 B 93ms
86ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1689673327256&uv=3303&tms=1689673327256&abt=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=54b63375-7a97-4418-9bf4-4fed9a4d1d8a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f8812c7f4caf660eb00f1d5301c8777f53df14ae2814cb43396eafa4e9398033

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Tue, 18 Jul 2023 09:42:07 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-lis1490043-LIS
x-timer: S1689673327.290302,VS0,VE41

GET
H2 200 sync Show response
am-match.taboola.com/ Frame A888 422 B
517 B 295ms
91ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f8812c7f4caf660eb00f1d5301c8777f53df14ae2814cb43396eafa4e9398033

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 18 Jul 2023 09:42:07 GMT
machineid: 3408
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 2 KB
666 B 129ms
125ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689673327277&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1533&pt=95318218&tz=0&viewable=true&ddast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1406
x-cache: MISS
x-served-by: cache-lis1490043-LIS
pragma: no-cache
server: nginx
x-timer: S1689673327.308825,VS0,VE73
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 291ms
90ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=31589837&cb=1689673327255&uv=3303&tms=1689673327255&abt=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1689673320755.8!ts:1689673327255&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-length: 0
server: nginx

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D0BD 379 B
599 B 271ms
91ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c0288cc6634e8931c1e32db97d1b23ec27c9df5638610625d53ac04972bc16b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 247
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D0BD 107 B
196 B 95ms
95ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame 7408
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134176&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168967...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
870 B

250ms
88ms

Document
text/html

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 310
content-length: 459
content-type: text/html
date: Tue, 18 Jul 2023 09:42:08 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-id: z8GVJMQjpjzS75I_Zkh6RFZxtLtavowhcZJhC3xic04U3wreZxyZ2g==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:08 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D0BD 15 KB
12 KB 132ms
132ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230713&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

60df759810846b32f0ec6e3a502130ea2618b3673e1bbb3de4f6cb867d974c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11878
x-xss-protection: 0

GET
H2 200 pixel;r=760340210;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html;uh=e51ed67dfb8d91dc24b15e2ace0c3...
pixel.quantserve.com/ 35 B
372 B 95ms
92ms Image
image/gif 91.228.74.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=760340210;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-13850394-1689673325806;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1689673327362;tzo=0;ogl=;ses=7f32d532-313d-4170-8b8e-7882c2c941e9;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.159 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A3DE 0
239 B 359ms
91ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 204 collect
www.google-analytics.com/g/ 0
251 B 274ms
89ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1873&cid=amp-lxp_UTgOnmKoHP4JZNPyVg&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&dr=&dt=%E8%B2%B7%E6%96%B0%E8%BB%8A%E3%80%8C%E6%AE%BA%E7%8B%97%E7%8D%BB%E7%A5%AD%E3%80%8D%E3%80%80%E7%8B%97%E5%B1%8D%E6%8A%B9%E8%BB%8A%E8%BA%AB%E3%80%8C%E7%81%91%E9%BB%91%E7%8B%97%E8%A1%80%E3%80%8D%E4%BF%9D%E8%A1%8C%E8%BB%8A%E5%B9%B3%E5%AE%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1689673327&sct=1&seg=1&_et=2000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306301917000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 242ms
87ms Ping
text/plain 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-lxp_UTgOnmKoHP4JZNPyVg&aip=1&sid=1689673327&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306301917000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.177.15.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wr-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
82 KB 100ms
98ms Script
application/javascript 142.250.185.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3d4238cf67c7de99232ebec7c1be094ddccfc643f47655059875422c5d70520b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83997
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 09:42:07 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 190ms
189ms Fetch
application/json 3.233.145.251
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.233.145.251 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-233-145-251.compute-1.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8131 70 B
264 B 383ms
116ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1689673327256&uv=3303&tms=1689673327256&abt=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=54b63375-7a97-4418-9bf4-4fed9a4d1d8a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8131 43 B
426 B 288ms
93ms Image
image/gif 34.241.131.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1689673327256&uv=3303&tms=1689673327256&abt=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=54b63375-7a97-4418-9bf4-4fed9a4d1d8a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.131.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-131-206.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 8131 43 B
146 B 280ms
86ms Image
image/gif 54.93.152.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=undefined&cb=1689673327256&uv=3303&tms=1689673327256&abt=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=54b63375-7a97-4418-9bf4-4fed9a4d1d8a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.152.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-152-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 7485 379 B
317 B 89ms
88ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

9153ee7b70130ab16562030738889cf8229edf0a38a7cdeca3c45ce1c63ff558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7485 107 B
122 B 92ms
91ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html Show response
adx.holmesmind.com/adx-file/20230617/ Frame D21B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134179&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168967...
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

459 B
871 B

295ms
87ms

Document
text/html

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 310
content-length: 459
content-type: text/html
date: Tue, 18 Jul 2023 09:42:08 GMT
etag: "b488597db51c4a25cc169c0690d8eea0"
last-modified: Sat, 17 Jun 2023 07:13:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-id: 6cGjG2mkwGyBQhlNNdUeYVM-KUZgWNzM7TFbi048SMBPskuCGdhoLw==
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:07 GMT
location: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7485 15 KB
12 KB 158ms
157ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230713&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4cd122d5d5fd1d51de4b006bb6a25db3e9002146289dc8ffe2d56f313508e82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11932
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F107 492 B
265 B 168ms
162ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2452838901357345&correlator=398692391963677&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1689673327538&lmt=1644386353&dlt=1689673324238&idt=2754&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=qt8owcbvto66&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=147063547.1689673328&ga_sid=1689673328&ga_hid=1252011807&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f63cd5b08dc57ade5c364b9487df44c395945f72963cd4f36f6d50bbf969e21c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F107 15 KB
12 KB 136ms
135ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

09a0b785293fb6455314ac00ab81bfecc39c435f37b5653dcf93a612edb3c93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11833
x-xss-protection: 0

GET
H2 200 container.html Show response
1d7b474b70eb67bcb6923a03ca70b886.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 635D 6 KB
3 KB 106ms
89ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1d7b474b70eb67bcb6923a03ca70b886.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:07 GMT
expires: Wed, 17 Jul 2024 09:42:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_0_3/infra/ 889 KB
148 KB 148ms
47ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_3/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 63ba84abe31d88779e7453e08095a9255e91d4550ae230bb3756acd66c4a3439

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689582562
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: GDPMMYTZEZNEEGPE
age: 90645
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689582563
x-amz-meta-mode: 33188
content-length: 150866
x-amz-id-2: BBwU1koKvBmwZQ1LP/znvzDOZAX+PIJA5ZgfsCrklwVGXI80Qw3sJhKvUDzPHy8zTyw+QUK8A6g=
x-served-by: cache-lis1490055-LIS
last-modified: Mon, 17 Jul 2023 08:29:24 GMT
server: AmazonS3-br
x-timer: S1689673328.712804,VS0,VE0
etag: "2edf353f4a8a2eb5f96a10da1ddee65b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 5423

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_3/assets/css/ 61 KB
8 KB 47ms
46ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_0_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a278d9459c8a7c717423ad4989df1b5097095b847a9c1a4549d1cd5dac3aca15

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1689582581
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: X2P8VRK1GF2WFE10
age: 90647
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1689582582
x-amz-meta-mode: 33188
content-length: 7934
x-amz-id-2: HvE7Utzf2CIl8fKV4jJfuBxXRj2/KUKtc6MdqN5Kl5Puz0MwlwOhNo9GaCXY4i23lEnBNgIk03E=
x-served-by: cache-lis1490043-LIS
last-modified: Mon, 17 Jul 2023 08:29:43 GMT
server: AmazonS3-br
x-timer: S1689673328.619982,VS0,VE0
etag: "7d5846b7fa6c83e210775caa76d96cb7"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 5479

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame A3DE 0
214 B 86ms
85ms Image
text/plain 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A3DE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

43 B
855 B

155ms
153ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 09:42:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7AR6QTGNSGXYSF956NSJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 09:42:08 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: W54YSPP4YF9PATYV7S2Q
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame A3DE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0cACu0uDTP6Tk6c3WxtNcA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0cACu0uDTP6Tk6c3WxtNcA

43 B
479 B

103ms
103ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0cACu0uDTP6Tk6c3WxtNcA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 09:42:09 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: G6MY2ZEN9MWVM8CVY7FS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=0cACu0uDTP6Tk6c3WxtNcA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A3DE
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

170 B
409 B

297ms
89ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A3DE
Redirect Chain

https://match.adsby.bidtheatre.com/rubiconmatch
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=913a00ac-e2b0-44a5-be70-3cbcb3d20dde

0
239 B

125ms
93ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=913a00ac-e2b0-44a5-be70-3cbcb3d20dde
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=&gdpr_consent=&put=913a00ac-e2b0-44a5-be70-3cbcb3d20dde
Date: Tue, 18 Jul 2023 09:42:07 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A3DE
Redirect Chain

https://rubiconcm.digitaleast.mobi/usersync/rubicon.gif
https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=df3b4ae9-b574-4062-8115-f29b7228ffcf

0
239 B

126ms
90ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=df3b4ae9-b574-4062-8115-f29b7228ffcf
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=600424&nid=5498&put=df3b4ae9-b574-4062-8115-f29b7228ffcf
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 130
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A3DE 0
239 B 226ms
94ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame A3DE
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=64
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336724221632517&expires=30

0
239 B

94ms
94ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336724221632517&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336724221632517&expires=30
Date: Tue, 18 Jul 2023 09:42:07 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A888 70 B
265 B 252ms
115ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec
pr-bh.ybp.yahoo.com/sync/taboola/ Frame A888 43 B
425 B 160ms
95ms Image
image/gif 34.241.131.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.131.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-131-206.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame A888 43 B
145 B 87ms
86ms Image
image/gif 54.93.152.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.152.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-152-109.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E57 603 B
367 B 479ms
478ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-7644626061899591488&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3576&oid=2&is_amp=5&amp_v=2306301917000&d_imp=1&c=4001873&ga_cid=amp-lxp_UTgOnmKoHP4JZNPyVg&ga_hid=1873&dt=1689673325116&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&bdt=2919&dtd=993&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306301917000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:08 GMT
expires: Tue, 18 Jul 2023 09:42:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DEB0 17 KB
7 KB 294ms
95ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307120101/pubads_impl.js?cb=31076056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:07 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
743 B 50ms
49ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish
x-amz-request-id: 4T9HD5F03CQKWW5F
age: 19165
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: lSoEvzXhqJLoKpvfWFl7Ah/8uMlGPX5JSuu1fj0iX8SuZTcXX+ikn4ChNiw6KH21t9pdaNS54d4=
x-served-by: cache-lis1490043-LIS
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1689673328.803134,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1741

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D0BD 17 KB
6 KB 217ms
160ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:07 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7485 17 KB
6 KB 207ms
161ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307130102/show_ads_impl_fy2021.js?bust=31076134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:07 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F107 17 KB
6 KB 129ms
102ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:07 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
96 B 80ms
64ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-lis1490055-LIS
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
158 B 97ms
95ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%B2%B7%E6%96%B0%E8%BB%8A%E3%80%8C%E6%AE%BA%E7%8B%97%E7%8D%BB%E7%A5%AD%E3%80%8D%E3%80%80%E7%8B%97%E5%B1%8D%E6%8A%B9%E8%BB%8A%E8%BA%AB%E3%80%8C%E7%81%91%E9%BB%91%E7%8B%97%E8%A1%80%E3%80%8D%E4%BF%9D%E8%A1%8C%E8%BB%8A%E5%B9%B3%E5%AE%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-lxp_UTgOnmKoHP4JZNPyVg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7262297824379105&gjid=0.18481653312112756&_r=1&a=1873&z=0.9107765553398979&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5bd1b2035631f99bd2edfaadf243afd6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 12 KB
13 KB 98ms
47ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bd1b2035631f99bd2edfaadf243afd6.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3b0dc1f1f3d6e6edd3a8200f35354f0103c0d01c443ab469ea8a05d8e9755f98

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bd1b2035631f99bd2edfaadf243afd6.jpg
age: 257742
edge-cache-tag: 356312433787861980264249462799846831266,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 356312433787861980264249462799846831266,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 627
req-referer: https://www.bassitassi.com/mutuo-liquidita-ecco-struttura-e-funzionamento/43567/
content-length: 12566
x-request-id: 9e69cfd5dde37fc4a0a8d024c0a32432
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kiad7000052-IAD, cache-lax10674-LGB, cache-iad-kcgs7200032-IAD, cache-lis1490043-LIS
last-modified: Fri, 14 Jul 2023 12:10:09 GMT
server: nginx
x-timer: S1689673328.980421,VS0,VE1
etag: "bb78cbab5d427081a2d3b137916d796c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 4, 1

GET
H2 200 8b924ef7b726e783b20b4076e78c62d2.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 108ms
58ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b924ef7b726e783b20b4076e78c62d2.png
age: 1282408
edge-cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 628131638865840138074933382416259481994,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 195
expiration: expiry-date="Fri, 07 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.jnportugal.com/
content-length: 6196
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200050-IAD, cache-iad-kiad7000029-IAD, cache-sna10730-LGB, cache-iad-kiad7000025-IAD, cache-lis1490043-LIS
last-modified: Tue, 06 Jun 2023 15:55:33 GMT
server: nginx
x-timer: S1689673328.980396,VS0,VE0
etag: "4dacb31c72359ff4d305c3c8787a1e5c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 318, 2

GET
H2 200 21095320aba5ba7fbe1dea85e5408335.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 97ms
48ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b393065f31b0140779aab2af150e1e39c75cddd31a0ef18a72d6274c6d6a06a5

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 18 Jul 2023 09:42:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21095320aba5ba7fbe1dea85e5408335.jpg
age: 275794
edge-cache-tag: 581651182490352650140986442054686683286,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 581651182490352650140986442054686683286,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 162
expiration: expiry-date="Tue, 08 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.atlantaleader.com/
content-length: 8476
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000022-IAD, cache-iad-kiad7000101-IAD, cache-chi-kigq8000159-CHI, cache-iad-kjyo7100135-IAD, cache-lis1490043-LIS
last-modified: Sat, 08 Jul 2023 07:36:23 GMT
server: nginx
x-timer: S1689673328.980388,VS0,VE1
etag: "acbf8ae03ab58815360bcdf97019c95d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 458ms
150ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Jul 2023 09:42:08 GMT
cache-control: no-store
server: nginx

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 90ms
90ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37c0&_p=1873&cid=791826794.1689673328&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689673328&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&dt=%E8%B2%B7%E6%96%B0%E8%BB%8A%E3%80%8C%E6%AE%BA%E7%8B%97%E7%8D%BB%E7%A5%AD%E3%80%8D%E3%80%80%E7%8B%97%E5%B1%8D%E6%8A%B9%E8%BB%8A%E8%BA%AB%E3%80%8C%E7%81%91%E9%BB%91%E7%8B%97%E8%A1%80%E3%80%8D%E4%BF%9D%E8%A1%8C%E8%BB%8A%E5%B9%B3%E5%AE%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 45ms
45ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:08 GMT
via: 1.1 cb4f40303e252a22c4df5918669814ac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: LIS50-C1
age: 512851
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-lis1490043-LIS
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1689673328.481578,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: OmMK25KHDtLgJBdHJS5nTmzdwO3Z6tWEggH3i8sti68ZYnuzVlmfQw==
x-cache-hits: 2748

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.3/ 444 KB
83 KB 47ms
46ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: d87c2fedac29b7103d7b6b3cba3f23547ae3fdb319eded5937d23c10154dacc1

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1688806868
date: Tue, 18 Jul 2023 09:42:08 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: K1TCTRWWT6HMN7BT
age: 866389
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1688806881
x-amz-meta-mode: 33188
content-length: 84969
x-amz-id-2: 8hfZyH8V/ji+4DSwlLcFyNe1az+2J9r5LeUPx8PoKNPXjroW9uSRA0ghZWeyg6EBQz+/ddjf6Og=
x-served-by: cache-lis1490043-LIS
last-modified: Sat, 08 Jul 2023 09:01:22 GMT
server: AmazonS3-br
x-timer: S1689673329.606213,VS0,VE0
etag: "495314d071af2f9ae6f90cb9bdb64cd6"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 5109

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4720 577 B
671 B 95ms
95ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 3d095b131085a70278cddd03374bb730826241d99fb18df5aa94a213e67a21ca

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Tue, 18 Jul 2023 09:42:08 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 93ms
93ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&cmcv=&pix=31579697&cb=1689673328602&uv=3303&tms=1689673328602&su=3&abt=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:08 GMT
content-length: 0
server: nginx

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame D21B 31 KB
10 KB 200ms
56ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 21:15:59 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 44770
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Tue, 18 Jul 2023 21:15:59 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 7408 31 KB
10 KB 216ms
73ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 21:15:59 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 44770
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Tue, 18 Jul 2023 21:15:59 GMT

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 57ms
52ms Media
video/mp4 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Tue, 18 Jul 2023 09:42:08 GMT
via: 1.1 65fac79c4b1023a8d83e5e5bfb978ce0.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: LIS50-C1
age: 107490
x-cache: Miss from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-lis1490043-LIS
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1689673329.900676,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: eL06zMABtpJic7IknWTjIcZ5BL2bh74ZaMAl4Dcqky23Vc0714d_9w==
x-cache-hits: 3420

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9742 13 KB
5 KB 90ms
89ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DE7B 783 B
1 KB 327ms
92ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

b6229c6faf2f603177d9e9e0fc95bd2e8da58f659a97415518ddcdc9f5f99b0f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fCEZ_YhjI4LzA0zzGcklpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-fCEZ_YhjI4LzA0zzGcklpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:09 GMT
expires: Tue, 18 Jul 2023 09:42:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6BC5 13 KB
5 KB 81ms
80ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A4D 783 B
739 B 327ms
110ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

d39550a78e4e3a4052864d787da808fef03341acd261a610002cc68cc9c6dda2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c6YwSF375CyNzEgD6xnEkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-c6YwSF375CyNzEgD6xnEkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:09 GMT
expires: Tue, 18 Jul 2023 09:42:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 83F1 13 KB
5 KB 135ms
133ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B3B5 783 B
743 B 288ms
93ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

cd270c1fd09babb8b13e6edfcfe334bf353bfe953dca73e5d938a8951db8adae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J2jAYjFk-hDgXTdmPSMQOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-J2jAYjFk-hDgXTdmPSMQOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:09 GMT
expires: Tue, 18 Jul 2023 09:42:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3CF0 13 KB
5 KB 131ms
130ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 56E0 783 B
740 B 282ms
94ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

b176f8262e8f01581fe97aff65ffd0aef832e4285f5fb575c567e6657566e748

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UwUH-wOoMzELtyu4f7s6Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-UwUH-wOoMzELtyu4f7s6Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:09 GMT
expires: Tue, 18 Jul 2023 09:42:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4720 70 B
264 B 125ms
123ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Jul 2023 09:42:09 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4720 43 B
425 B 108ms
107ms Image
image/gif 34.241.131.206
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.131.206 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-131-206.eu-west-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
337 B 149ms
149ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 101
date: Tue, 18 Jul 2023 09:42:09 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 98675
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490043-LIS
pragma: no-cache
server: nginx
x-timer: S1689673329.073870,VS0,VE101
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0814 281 B
554 B 92ms
91ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 09:42:09 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame D21B
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

52ms
51ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9294
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfGGL8Y9vvJ6w06J7rqR201TsamUzpufltsaOSsv1pp4gfg5WbTzysR9756LHeaT9OhEC6rPOxwDi%2BfalpzkboRP8zLiwxv6LVLGP%2F4IkR4KduJiWrXFsltI5M9O16fCxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e89c5e84d9048a9-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 7408
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

188ms
187ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9294
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNRhLYmN3W5vm4LN1Z6xHwHJqRMqSMnJeBBgBGLuO%2BJ%2Bs18lsa5A48lGnkfi6F8XFC%2F8nLqNAT9le0eL60Avv%2B6Zg%2B%2BJzaEDc9i4bc%2FMew%2BYBJC7J1O6aK3LITqJmQ4djw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e89c5e85da248a9-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0814 34 KB
10 KB 99ms
99ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d16b7e791947e153bd624220a710934e78b687ddb2ff2315adf78da32a953431

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 01:54:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=58312
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 01:54:01 GMT

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 9742 37 KB
14 KB 84ms
84ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BC5 37 KB
14 KB 86ms
86ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DE7B 0
0 113ms
113ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307120101&jk=2456436762176039&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B3B5 0
0 115ms
114ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230713&jk=3117553162672381&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 56E0 0
0 117ms
116ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230713&jk=4320294866366381&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A4D 0
0 115ms
115ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=2452838901357345&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 83F1 37 KB
14 KB 84ms
83ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3CF0 37 KB
14 KB 80ms
80ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0814 284 B
536 B 82ms
82ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 0814 0
239 B 688ms
141ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1df09169f58a071f2a391dff1b3307b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame D21B 975 B
749 B 71ms
66ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9294
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68TdKj13%2BwvzoP4w68AqHokIC8HcBhoko3Rwql5qlsdn%2BVGrECZMDMMdngTgqK8v6l%2FAiCkag8uNNs8APQIwzrmkZW37FzAJy90iRGjkoIZDuMIHvj9%2Bqk7cdcuHAOQeZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e89c5ea580b48a9-LIS

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 7408 975 B
756 B 56ms
54ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:10 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9294
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecfvypNBKXHx%2FPU3H7eL%2ButOYvuMe49RYeEErSozBEOU%2FGhFmoUutTOOl4R%2FHRCaTBCpCq%2FgfQd23MssalQlZs%2F2eCG%2Br1tNNx3%2BuFBLe7wV%2FXFFnTltRRor5Cj4Mz3FHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e89c5eab88448a9-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame D21B 661 B
1 KB 525ms
223ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.4277078309475164&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:10 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 93074214-e49a-3af9-b83d-9bbf357fd927
X-Adtype: html
Connection: close
Content-Length: 661

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 7408 661 B
1 KB 513ms
225ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.24041517626752595&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:10 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 93074214-e49a-3af9-b83d-9bbf357fd927
X-Adtype: html
Connection: close
Content-Length: 661

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
707 B 910ms
910ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689673330504&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1533&pt=-1666768528&tz=0&viewable=true&ddast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9fa38a4a4fc46d86399d8cde257e9ab91d9a08ef31d24bab62f57df92a674b2

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Tue, 18 Jul 2023 09:42:11 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1487
x-cache: MISS
x-served-by: cache-lis1490043-LIS
pragma: no-cache
server: nginx
x-timer: S1689673331.532742,VS0,VE852
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 90ms
90ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=1873&cid=amp-lxp_UTgOnmKoHP4JZNPyVg&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&dr=&dt=%E8%B2%B7%E6%96%B0%E8%BB%8A%E3%80%8C%E6%AE%BA%E7%8B%97%E7%8D%BB%E7%A5%AD%E3%80%8D%E3%80%80%E7%8B%97%E5%B1%8D%E6%8A%B9%E8%BB%8A%E8%BA%AB%E3%80%8C%E7%81%91%E9%BB%91%E7%8B%97%E8%A1%80%E3%80%8D%E4%BF%9D%E8%A1%8C%E8%BB%8A%E5%B9%B3%E5%AE%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1689673327&sct=1&seg=1&_et=1000&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=9777&epn.domain_lookup_time=21&epn.tcp_connect_time=501&epn.redirect_time=0&epn.server_response_time=912&epn.page_download_time=1&epn.content_download_time=1501&epn.dom_interactive_time=1501
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306301917000/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 82ms
82ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E8%B2%B7%E6%96%B0%E8%BB%8A%E3%80%8C%E6%AE%BA%E7%8B%97%E7%8D%BB%E7%A5%AD%E3%80%8D%E3%80%80%E7%8B%97%E5%B1%8D%E6%8A%B9%E8%BB%8A%E8%BA%AB%E3%80%8C%E7%81%91%E9%BB%91%E7%8B%97%E8%A1%80%E3%80%8D%E4%BF%9D%E8%A1%8C%E8%BB%8A%E5%B9%B3%E5%AE%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=791826794.1689673328&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=9777&dns=21&tcp=501&rrt=0&srt=912&pdt=1&clt=1501&dit=1501&a=1873&z=0.729140883899704&gtm=45De1110&t=timing

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 02:43:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 25124
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6BC5 0
10 B 84ms
83ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AV18Tw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9742 0
10 B 87ms
86ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B1SsoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3CF0 0
10 B 116ms
100ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ueH6-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 48F1 81 KB
27 KB 157ms
152ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

93ec65638143248137b048a42ea6e690fef07cfbd4032cb5eab43812076f51a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27662
x-xss-protection: 0
server: cafe
etag: 705 / 19556 / m202307110101 / config-hash: 2841643792367511638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:11 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame E940 81 KB
27 KB 210ms
207ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9c6b55a00b28947bff02f240888a216be90be1082298cf5d9c6d6cc3994ddf75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27662
x-xss-protection: 0
server: cafe
etag: 714 / 19556 / m202307110101 / config-hash: 2841643792367511638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 83F1 0
10 B 103ms
102ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kRtLfA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ Frame 48F1 391 KB
125 KB 119ms
117ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1260
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 10618836103773446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 17 Jul 2024 09:21:11 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ Frame E940 391 KB
125 KB 128ms
125ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1260
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 10618836103773446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 17 Jul 2024 09:21:11 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 48F1 27 KB
12 KB 417ms
416ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1068971970009795&correlator=2720800924280916&eid=44769661&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1689673331660&lmt=1689673331&dlt=1689673330279&idt=1288&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=20zw3wsvhgoj&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=661258227.1689673332&ga_sid=1689673332&ga_hid=1623577494&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

80d67d1eb8f1a8b45d9693c879292a7776fc68f19fb21584c3daa54fdbc96401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11949
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 48F1 16 KB
12 KB 309ms
309ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

46942117c2cea12066fca7e1898475f6f762559ee52d2fce1e08f12d7fe2c700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11984
x-xss-protection: 0

GET
H2 200 container.html
38b6432ed8425dc66a05270e66c3b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6746 6 KB
0 285ms
264ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://38b6432ed8425dc66a05270e66c3b4b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:11 GMT
expires: Wed, 17 Jul 2024 09:42:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E940 27 KB
12 KB 249ms
165ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=271996496966966&correlator=2117418566743731&eid=31072019&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1911528252&sfv=1-0-40&sc=1&abxe=1&dt=1689673331979&lmt=1689673331&dlt=1689673330350&idt=1344&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=k2ngwj3p3y3o&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=451894748.1689673332&ga_sid=1689673332&ga_hid=815804807&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

0d95f2a890dc3411bd88d2edf2503bba5f4f287948fe8961f134200c2f7681c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11924
x-xss-protection: 0
google-lineitem-id: 6336189971
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138437415221
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://adx.holmesmind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E940 15 KB
12 KB 230ms
145ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

1bd9747d89536ff38e153383ebd96c96899946be1969af036d88323c371a62bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11837
x-xss-protection: 0

GET
H2 200 container.html
a0020eb1a4c717861f6a21fdc8f4cd9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC2F 0
0 163ms
95ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a0020eb1a4c717861f6a21fdc8f4cd9d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:12 GMT
expires: Wed, 17 Jul 2024 09:42:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 48F1 17 KB
6 KB 111ms
106ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2C6 0
0 126ms
124ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbpA5K5uPYbBW4PzhXxBRwpzKrCRh42wK45ihjqPs4F5o873cSBu1cYK6hJizGoNDcVQ1mJpuYAYavhz2uKHo-Nf5W7rupJK2wIkBhfWBcZ14sPJcSAzK6IKT-ImMgk8Y95hSdple60yaQdOf_QKD4m1uX5sBB10MGxsDhm--M9_NlNviUwf3o5G83IVY4SLiBbtuz8DOJXNJCoXUwErwxHTso6_y6ElYEBiuCaRcdJ9wKx89b7AMBJI-7QPbbL9s8XdPKGTGEfWxLV0CaQd0TqA9kc4ItJjFuwUERTlFxIisN_Z-UWA1xmea6WeBezfJznqcK6AjQhLT5&sai=AMfl-YQaWQTfLqqEySbosbj1G9Rv258Y0F07DSaxVqkj0qW8pRwjtENXFT8AXxgp8oLqZy1GKC8DvQPmeZeMfm1txnCYZsEY6eeaHUDEKw&sig=Cg0ArKJSzJnqvlCTF8AVEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame F2C6 31 KB
10 KB 76ms
73ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 21:15:59 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 44773
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Tue, 18 Jul 2023 21:15:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2C6 179 KB
57 KB 280ms
89ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:12 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E940 17 KB
6 KB 152ms
106ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA0D 0
0 174ms
164ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvXU70eoq3vlHNVta80G-SGUgccAtaRoe5HwDaEKXWp0AexetRauKxMdgnESMGtcZ4G4aS97WBNBeWB77H-5Q1sc_nIUsFGtizsBXQpnctKtxMPP4pJahQWUtZrt2j70lwI3pwqJHWb6e1ZvvvbTDHngEeuNQVduAm3w-7xe06wXIWJ3BgHuwLfWOyysSmhdT-Hi0qbhLpSZyQGCGgHWOrU1HEb66wSMANlaajUvfGSJA9law5oD5vw9XYpfeNlrBHkSCgyphlic-hCzkl2A1lXigcZ-Yn2sQI523MYoKqx0h4NuMTODGoI0KziBwIMkahUOejXHZBvFul8&sai=AMfl-YTS3RJXU3IFcUbZvoq4RwZSWV3pXCsyrfppwUhRwUDthXs1V8mpB46NZpTOnIXhC-1QvM-mgQgGmEaxYH0oOoDgiP6bZ1Fcx58guw&sig=Cg0ArKJSzGjUVyV4KnmXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/mai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame CA0D 31 KB
10 KB 89ms
65ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 21:15:59 GMT
content-encoding: br
via: 1.1 google
last-modified: Mon, 26 Jun 2023 06:28:33 GMT
server: nginx/1.12.1 (Ubuntu)
age: 44773
etag: W/"64993011-7b8f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9956
expires: Tue, 18 Jul 2023 21:15:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA0D 179 KB
56 KB 249ms
188ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:12 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 01DC 13 KB
5 KB 175ms
121ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9202 783 B
762 B 185ms
122ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

b39ed304e6d8272a15859e8b5529a7ca383beb8ae3e0cafc34a37b72af1f9aeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b-W_XCiFj7BSdnLppgGTWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-b-W_XCiFj7BSdnLppgGTWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:12 GMT
expires: Tue, 18 Jul 2023 09:42:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D0BD 0
0 238ms
185ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230713&jk=3117553162672381&bg=!ZWalZjLNAAa3SiIRl0o7ADkAdvg8WhVcSKWkeQIKVpIDZfncFMZfTSFe8iPFHdpevl1-QdOBh4XzgLoE0q2rmBDBUp-m0LaAe9YCAAAGclIAAAEkaAEHCgBa-p8OM2Q_hY9qcWFkfVmSaaj9s-fdfMp91Jn1k9vIKnNP94Jyx14jLFMRk3ABXE9fw5YV4rG-FV9z5-EVWxlElwlAd49CrDKX69cUhMMRhE-8OQKM9WMeV_6UmQK5ixr02QJaQ9Twg50Rufe5PcqEzwP1wx3ZgAs2d4kf0sdCVehQjhJE-hUNGkHFNuNM2Ti6bt3TUvgMP6uIYQF97mGdO5q9pkGu9RZRK8dhY6IcxaKDy5jnkuxPCvDSpM_1AkT27wZ1drA_LQI5zjlAyox-mOag6xATQeOoAL_3jozDcuLkfOuL2zUfq80XrPq3HpljwN2ZFVPgJA9KKP2w7RBJtvo3N9ZIO00LPuD6fPweF0j5bZYIQeRqwoIwCdb4cEZ2i-2kndasSt1xxRM0mlDISOoWBMaE6KK8ymlVOhxucDztzX22LkFa2vMq3WGLNEAkIZ5P_Rrb1cWnVjcRjpY2DSrOJa4SrrJ3edYXmXQX7iCiwKyhctF0S9VVUk2gD_Wlw7hJhP6oUzCfd0_U1b8w_Fh5wsECOXijcb1Z3gNR1r4YF2GwJmbBBLbas9qnsemI05Ps7zkxIJSzvoOK6Vhm5WawPlGu9EUuSl3g9g5t2YTuODjHe-C8J9kqq6DA9AP7O8bA6RE3ZADq2VW3AZClvBgDwKGa9rXuqFqFaZ_3Ge7r70fqqQmB6W9LIPIyTMtQn6zysPuDWlAXoqn94dqMI5Potrm-M_zl9RjfXTWT9y_ZukV9Q_pVE9rQQgRgiPfVF4LvwiKmcyi5t3VNXPL_ut_EIkmW25g83PYK6FreVeGK9VDIy7SgWeeohKgXaxediiN3WkM7s_wVyNSupYFbS8hXmZBgCTmk7SrztUPZ3zWuaUi2LT60Y1kPYXLve6YsCux-LvUomD4MXlbdz-CI9hyVJHoATQZ-Ea1dTGkbdKWhdQY1pDIhtYElzlydONhGOO5YsP5N-bYX-75_iXC5cB0tnvB3Wvlmc9eZfgSL7u88wVxd52_uA1BPjXAibLmMQqjcYPdTPCzp0XbES6DE8buYUzBQpA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F107 0
0 190ms
178ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=2452838901357345&bg=!9vWl9aHNAAa3SiIRl0o7ADkAdvg8WpCETvV0aNqZUYtUoLBVk0jIEn1PijNiBGNyivRk47q1iFWxGndrlyGYqMV2fRyvHtvJwmcCAAAFelIAAALzaAEHmQLHKueGRnGhr7YWyiptraCkhvi8EMfaKtAZFic0pCg7-qnuzUyPqfSzs6cPXHBqJAm7BrdJh-w-bgc9WwHvgIeHZ32jSU9obm-f90rlQ5jFsF84I5Nai98WMsO_ZzRC9gxAZcg87wya7dbv5gshxem5fhs_dnhmpfXxqjHdy6h8UdLY3ftPoHSeHGrH5GAQPao6BxbmSfO3nVD25_xntp4WdolqLBdB7swkh-6DwV_4lTrxBM6jLQrmLW8cFCUZ9n5iDBlNQkFuRS1fVo2tuSAw71AxlyXbfHISDACy-7VHxmBB6-Fx24hIw4x1GrtNm5YKSdEiBbbvPGYUfFcl9qzlbKuZC3eoLVDsLKhlMYoPn_xaHYAUiFgAkFEtHHKi5RyLVMdb37SW8KO1FMkoKXfs_5bgPRycMN0g7Svmx7eMX61DocUtr23uWBLC0Pw8ZdlfcTAX3YblRSJpQXOYZqgY_qqvISmqUPfubuIUM57XQHtlDKawCk6VRFlLqszvyb-lFBYxRhvAIfrcXb2qqOzFQSBlWvbqhHg9ggZjlFUDlvt10p2-9AB5cLpAPk16a9o2Zx1Gc58Dqb0WJUkZ8cMZj66VeyUIt_VGNQW4EVUVa6qVqP8DlszSNm_BGnaWRQFt5wbEYKxZhicUYn5P5rB5hlt0b4zlxgBcboUX_Bm75uQC3z5J51llQ2hd0NyS2Aj_WJQP0OJiEjye8AuGGtdGVz9DNFd38_ldC3EEuJCZH62rlp_roj2s66qdPg-SvGlNX83AJ2g7B0yntFZ2EMGPvvN3D9nQqAUXB9pXy512NGGYvQCEkAvg7dXYry0aoKBchqJYP62yCuGmFJAq4TZxYHM4Ie0kvcDDR-GsklPm7BHgyZMOdkZ02W1ZSnrcCH2yxXwZ_I1Jej_KCLSL4sVFmKIu5KwjSgCElT0j7YSm37H5Cv1ImSny
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DEB0 0
0 170ms
126ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307120101&jk=2456436762176039&bg=!kZKlksbNAAa3SiIRl0o7ADkAdvg8WqIAst32QwYrqj7qpSWNZ4RRQTpsdMqsi27D7scxpB6YcP3BgNtouw7TCB8lcLHunvlu_csCAAAGSFIAAAGgaAEHmQK5lyRjV2FlPMJAP53GLTqp9w4F5Vg1Aj1f6lW-Jc205pAdSk4uAEnGlrx5GqNDveYOnFRgRxdOkqbFxNrKLJGRfx7ip6y8TjRZfvwlM8SMfofZXYDTavSnOHERpgpJosxNwL7_mWTMRs4EB5ERWAJuNegaANbSTDZQKHYSaauDL9AEq6STnCcMxURD_SUuvP-SjnxtjYux2VFZYz5PSuAzSotlW6RTpTSODche6xscVM1-RmHIV-VH95nvh6Y2QTsc5uUWQNAkBvBwwMWP3oBccLjZ_zIv9h85WgYzMoVXndWbC4j5ZMhOuz_SRoY_iuItRchM3JUEXypwlYCOA0a8TnQ7N7gN1J4dKC5Jdpr6NQzEXHebOk3rJQ3ylfNZ1UxL0x8NUuB7RM3fdrV6D2-gR5s6-Ae8M_m4CI9t37z39oxfLu8FD-bLKFgZ08O5faXZuGHhVr330csq3mTd3x-CwcAfSfrwlkPizSM0Ps7Ci7h57426vMiekuKAwNCaO2objRuAWGU8T4W8yaDJ8SMa6tHsizYruzy2AqrGWw8UdYQlYbEIlp3JbuGio_oI4qSqJz8ky7LYUHKlG1rimVQEK86wVxhxMJtQE0lT5b-FqSh1165dBFPD8QlJAsIRIZe_8fRafqVuFwEbcBF9d4PmvOMi2qDFh9iFx06fxfpIIot5ceBIeDSPK-Ckki_CGo8RHlUBEx3Hd98X-r5-ml7W5uboOoUVNNZj2-NqfzwB8Z5-y6xLPG-qW9vNSx3NeA3qzYX_aFHlq6UHkFD5r973vO5RaeSZY6ftkBClUq8MJ8NLcMvhIWizw5p3lOKcXaFr0LpMPWMjfP54kyZrHaEGTypvx5ivcl2Kap2nFefbKaD8m6Q20Javct9lsYILMywgEjw2APA3Eq30a8RHTMSzad8VY4bFtDGG-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A3D2 13 KB
5 KB 120ms
85ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1CB5 783 B
737 B 139ms
107ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

6e823c7621b0d6e7ffbeb85154df3f87310b493abf3f9ce5b20be65081c5828e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BrsV8QjKSDJBotOmQuOGAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-BrsV8QjKSDJBotOmQuOGAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:12 GMT
expires: Tue, 18 Jul 2023 09:42:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7485 0
0 157ms
126ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230713&jk=4320294866366381&bg=!GhmlGU3NAAa3SiIRl0o7ADkAdvg8WqQQ9Q2TydeWIA3Y5juZGCOYWnf-d3H6WEfkK6xD3Lk6YV-gUIkLLTXfjRT7a35njAL904kCAAAFe1IAAAJNaAEHmQKrv7vWS3XH8Y0Iv7g4L2i3XQI-0UXjOfJn4M-s19kV6r-gtDPVuB61AYomDUbg7ioIAzJiT77vZwk5oyynMl7qdf4CIUdBIGdoX_bWw7HjjZzV23UOw9jgLwU2SGW40RTupd1IIBEkdSsuqsu27R5VrjAOgg24Fn-hHNFGLmnF4x4UXX34Wj-fiiu76Ob17hvaxBtNW9VJoRoHhoIdr9XbP5otr-u5tgeMSzGZBUJFY9gcKJT_7G8_XRL70fJTRh3vNCYiDv-kOxGpUaBQAgN8nbBb8BbFqiaLpWXvqN9tlY1qPBwZLbDlfhYkD-bjhFdKqHzffZyHzc76kZXfV96Ffer6dpOT_EVDYvX-2Vqpn4prNNbUzpq2aMwOVbczEc9SUyn2jK1VZfjBaDLPu1ypfNZuMelwGqK0jyvbbKCUDOerrWQHJjQ-4fgng9bsgsPl5OyN1tMB83KOvbrxXuZ-kxxJyuy7KSHQAQ1G4Nr4WbYR8jc4e_JnXJalJbL6qkjkwonGZ9A3agDHXCyEF8075E8ga95V-b6PFoAHTgQRgKLWHPXln_bxSbp0cHgGJKV_Zo_aPjjDiXkpM5E46ULaSqQ5BbYl0tTDB1KO8OG0tXinSxsmT5glNVQ3lDiR5_lbSWnqTc4llkmmf9kiYmbzJU8PAZySqNqJmTyGLMDjjv-hop0nIgLgJKrbwKUd35AQh_TB0vS3WyLg5YXA2mOT_d0ubV8Yi4fcipe_dWFrxgJqbE19yD7E29JsCevLzcRR37vDo-NqpctNXHGyeAWORcfbuH1P_dOueBr2bUwCOuU4P_rGlUNX6_K_TQ39wfWGc-DL76RFNih-AMOqx3AgRl8zWMVZumEUadPXP4g_eqx1OBu4JEIXpObOGkjBm63EEbC4TQ-ZgStp6kY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame F2C6 80 KB
30 KB 312ms
90ms Script
application/javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Dublin, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MVJ1HSCA75CMGWKH
age: 89
x-amz-server-side-encryption: AES256
x-amz-id-2: DaAVPK1iluKsLeox1NUrK/EvoQjZzc1zdhV+IeW8FpSnX0jtrk/0m3tPsSLmSdSsIRy2mYmeSH8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame F2C6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bca8fdfee310fcbdd351101da070fd837f9be15e7e443ebf73c76772964fadd3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame CA0D 80 KB
30 KB 274ms
146ms Script
application/javascript 87.248.119.251
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.119.251 Dublin, Ireland, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e1-bmr.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: MVJ1HSCA75CMGWKH
age: 89
x-amz-server-side-encryption: AES256
x-amz-id-2: DaAVPK1iluKsLeox1NUrK/EvoQjZzc1zdhV+IeW8FpSnX0jtrk/0m3tPsSLmSdSsIRy2mYmeSH8=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ Frame CA0D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a05661fc8d80e02231e3db45dc1b6ed0e1bdafc33f163ffebf0d1687b21587f3

Request headers

accept-language: pt-PT,pt;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9202 0
0 149ms
145ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=1068971970009795&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1CB5 0
0 147ms
143ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=271996496966966&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 01DC 37 KB
14 KB 116ms
112ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame A3D2 37 KB
14 KB 137ms
133ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame F2C6 290 B
623 B 507ms
110ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 18 Jul 2023 09:42:13 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 10
x-xss-protection: 1; mode=block
x-request-id: b933da31-7fc8-4efb-96fa-5a6a0e972010

GET
H2 200 b
geo.yahoo.com/ Frame F2C6 43 B
96 B 315ms
94ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:13 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 b
geo.yahoo.com/ Frame CA0D 43 B
366 B 232ms
93ms Image
image/gif 188.125.72.139
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-brb71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:13 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame CA0D 290 B
366 B 467ms
154ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 18 Jul 2023 09:42:13 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 008489a4-2d17-4b0c-88a2-57a7c0a79c42

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 104ms
103ms Ping
text/plain 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37c0&_p=1873&cid=791826794.1689673328&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1689673328&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fmai-xin-che-sha-gou-xian-ji-gou-shi-mo-che-shen-sa-hei-gou-xie-bao-xing-che-ping-an.html&dt=%E8%B2%B7%E6%96%B0%E8%BB%8A%E3%80%8C%E6%AE%BA%E7%8B%97%E7%8D%BB%E7%A5%AD%E3%80%8D%E3%80%80%E7%8B%97%E5%B1%8D%E6%8A%B9%E8%BB%8A%E8%BA%AB%E3%80%8C%E7%81%91%E9%BB%91%E7%8B%97%E8%A1%80%E3%80%8D%E4%BF%9D%E8%A1%8C%E8%BB%8A%E5%B9%B3%E5%AE%89%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
785 B 230ms
223ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689673333564&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1533&pt=-1666768528&tz=0&viewable=true&ddast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c5a4caa084e7fd9e1b25d7923cc10c8b7410898f2e6a4b8736cba167b7855ecc

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:13 GMT
content-encoding: gzip
server: nginx
machineid: 1417
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 01DC 0
10 B 134ms
131ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?VkBJdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A3D2 0
10 B 129ms
128ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?71kS_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame F2C6
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

52ms
52ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9299
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Fb885ZIw9bLxu6hpi0q%2BntE0PyAr1aVjpbkJYQi5rR1p5zXss%2FmFvHTk6a3lsOrsNIGHK7Qewu9geRIeRJIIc2YU0TStV6AAGIHEoktUTFu6b%2BXPpyCk1fR6KrLOyofxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e89c6038b2148a9-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame CA0D
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

59ms
58ms

Script
application/octet-stream

104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol: H3
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9299
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmBFC821m2sYkhTPQmo6Vm1Gj%2BtlGPBaCwCH31U5rOiHP%2FZslrJsE732EiRxy4QI2B8iC8Y6b78R06usHDNB8j1%2B1uor8NTLLcX3NRGjOEtukLM%2BtKYh0YfzEg4g2wVS5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7e89c603cb4d48a9-LIS

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame F2C6 975 B
745 B 73ms
73ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9298
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbWAUHXGUkrTNGnvMK0bcB2VmxLxZRKf7GLtWh6KLAs0GbiEwsMxFeJ%2B1NXVIn7O1py3RGFuAqQSaQPziqE1uEukX8pocRTLEJSv2X3jlAVvcpqXQkTsZByGUO90dym0Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e89c603eb7248a9-LIS

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame F2C6 638 B
1 KB 540ms
228ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.8493716090731191&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:14 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 93074214-e49a-3af9-b83d-9bbf357fd927
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame CA0D 975 B
750 B 55ms
53ms Stylesheet
text/css 104.26.4.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:14 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9298
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VW2AL2zpz52ScqI5FoiJ%2FZOABc%2BAlkp%2FRdceHIFSzOiYny28Giug5RgHBOnCM4%2FVzGZ2kcBW5KiJn4%2BWintsCsvlVJvdzmmZdH1R5KofG6BxBG9ydNtkZg80xAsUhd%2BPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7e89c6052c9a48a9-LIS

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2C6 0
0 293ms
124ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPKfUtqDH57TTXWYzV5uwuUSfpY8g8FFm_VP_Uye5tiQZ5h2vbWQAF1LWBjVJGz9T5WY4SO9CXDrHrsHI7XwkoCDCGWFcMecmvFe4tGkSdJNkgLq56kjNNXXlyP0i5VWqdgcOz-_h7IXVrRlM-7VeN9VYwcul6ePJ2ZsmpdjKSNPo2LVorqsy5ZfQ3Y-hJlovPXmKG6GWOyyVHgssUY5STiwitP0WnoignNItcEVq7NDA0Pz0alWbMSRZZuYUOMVobKyo37jRzA7bYslw8fa-CAp1N8NegyUcRJJMoIBoe79F9KFOUXN1YxNR6oTZslWLQN1MrNnXej92cxKc&sai=AMfl-YSi5iCCzraHWTUq1pPjEYpF1bbkNNbxbosJTzHOjo5cD2tRr8s8NUQh669yZrC3Voz-9i-bxG8Ek3SKZ5_AzzW1kqa4t156K5GoxA&sig=Cg0ArKJSzHnwRkjMCZAcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 09:42:14 GMT

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame CA0D 638 B
1 KB 488ms
187ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.33899290796887294&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 09:42:15 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 93074214-e49a-3af9-b83d-9bbf357fd927
X-Adtype: html
Connection: close
Content-Length: 638

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CA0D 0
0 270ms
129ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM_zg72foz3bZad9nWt8PcNvpu41BgloXl03HCb8yYF2sCtRuAfC438wmn7VZuWAkXBAJiH6K94X4S3MZC-En64sQn27VEyjI2HGd4UzSrzX-UeAF41kc14LLU3EtV7RDa53bDhMDEfmgmJQdvy_9HRkj_AyKivxj6sxMo4m4LhzIO_5hBkxrhx80Fs5fNnbFoxCF10fugz4t303Uad667lo9z6_TPuaXB8h5MOA2RiLLjxSsne_oHgcEPm7ml-upNW2fb3igOKSbp_QqW-jn78t2KtHWSebldLTCi9AsaTqaoRa1fWULRsey1_ClpHRlOaGA_C2xE5YUdBeU&sai=AMfl-YRmefWzGs9ZX_mozl_I29ozDt5-t5ZHfsw2BDztO-T16HJqE94WOU8NDVN2oDf4HmdOIEU9j5it-rIHjBhWtG07dL0kvdJYxer5tQ&sig=Cg0ArKJSzO8T31yYof5MEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 09:42:14 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
124 B 157ms
157ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230717-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 112
date: Tue, 18 Jul 2023 09:42:14 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 98182
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lis1490043-LIS
pragma: no-cache
server: nginx
x-timer: S1689673335.839658,VS0,VE112
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 48F1 0
0 115ms
114ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=1068971970009795&bg=!Hh2lHUnNAAa3SiIRl0o7ADkAdvg8WtQjsw-qZNcww1n6UwMIvWO2iePW9JRrG4oo3sj9nVvqQMVBzQMxTQQzDGLmp9BhWUDpSpoCAAACu1IAAAG5aAEHCgCEOn_dVrO9b76XRkQnU819AVWCE9QDPKAlO5o49noOEHC3E0Jxdazk5ByM95dYIbjfNbo36xMRWJ86IMimIY4EG60hTbtpYX-76YgeZqdNQxEsgvNqqGSbVdIJud0dPTr-42fzo1ESwOsCuKRdPi9UkJYS0mg41OARbacnrGbvf7BjolWmmQL7irGULISL1oVzDquGoHCZj1mRGMlHGkoMK4k8bnf1OqLdXcEkFRGtV3VZsrJHDj1yTTjFZ0Y1WoDDJEZyELlIAiXrW-49rVuoGUFvoTl67iGvDSILum3IylEwQyCOHuOQs2zRV0cNrwHrVOyX5Mx9B3p2wDbVDUbVFZRwmpmaCwFwh1NVmPklXxLqZcHKK4gy-68HCS1jdw4jg9mk25YeJ8IeAd97AHPFhKg4GisqE-EWoIFEVR_5i9eeWqkavph9hnD_MWATA2Jols8ww84uuHXJznHXqIBRjTos1i8GJVQdNEH_x4SpR2eCBYk_FQ2fPvZicwqOvl6nXmLpcNpRuA-yuTCWvkKBXiFC02veKsb4tXSe0QsyvzZsMwRATHq4QDr7ckQ2IVIC-GaV4_DUTwBG04SRgBGKNaw6IcCb08cw3VZ6Z0VWIWHBOehMgBC2SSpQdP79huQh2jz_m4P6M0VlFURxBfObL_vtLe6AN7JED5HF0LdoVf_17jz0D9HVVJuAh5opR0UNg09q8ztcUamAxygSpWjn4YYPahlo0uuGyjzLy08fnaNE1lCc01PM5eS9Gwmv1QbhPrbdgo2tKESM1b2TUTjA12afbUubOMaReHr4jASDWdRufU-BIcxE4ymv9-0QQ6nalV0JAUpTo7yi14f8AYLEjn7htDlTlkLmwGZtWd8eOp5B1oHoSt2wRKL5dHbRRpMoNbZSnSVkQC0qTn1yVoaSpDz8QKdJmgvjsMKpjuijBDCNDT942Cy2hUGcwhjaCIa8emTvja4LYGvh2pvepcAnU5u9I9OYwmg3Pq9kJ3MKes4fh2BRjnnx3AUJpuFuKfPfOwNmto0Yn0e4JAvcXnNOdiAjWRR8yr5XIYHmSDaMCYQHPM7MLE8oSgZMViTh0-IVgc7_xOzMMtXMJTif_FEDZ_MYbiP3fjCwsLVKP3VoGS9tTINEjBSYJIG2HpeLK1Gelv8bflsZv3QItRSkrOwj0NtE0mQWzU_gZSEyZOVd5lhwig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E940 0
0 117ms
115ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=271996496966966&bg=!j4yljNjNAAa3SiIRl0o7ADkAdvg8Wo8MRGMPJbaEC8Kb8XjlDfEAkHdP-Rbl1gDVpQAq2_D1NKlqPWkHxD6DcmSmu4Y6fI7bMcwCAAAC4FIAAAGBaAEHmQL1_e07QStAGN6yGZhW3OyH1Cl5mrePHS8ZWCKgWGc1Bw1mfShCgwdKctg5D4IsU3peMLsf1HwG_9QVvhRCevuAi3BGtbIVpmRIlMTUHNuUhaL_c3LW5ksd_QAbFt_qW_8BGpFkxd4Pg3Cpua1bqeYVyo_X-LPPgfFpt6Wx38t2n2DzxN6DvqFnLj3GgKV8y_N5XL4Otkl7FZvzbTpYolIFBK8ltFhMWLUHXUshMRWuKXHyy3RRU6sXNiFnkTAmpMMwB9FN7xXi-bqgwe9udGAwc5BGwND33wlp0hEQ3cyC_OXJad0olKiFlFFwL9MIgeCDrqr6BvFri2CjkMEH6226Zt7Y7fDEtk2RyX_F9NXaltCYMfAEBIw6QUCr_r1G7cxzSPBSKnGhLlnka24u0dy6CbDXvX09uI8QkZvDF6wA8jQHf55dqp-_wQd25b7p2RHhh-EekXjyI2103k7FUM006mEv0K7-jAcynCn955MvKmfEhK3Im8CEdJru_pBffsp6DhFuBa4tTPEd04qKntQDeTu_V1SN4TCi2VJweFXWpZ6v-UstyFNP6D5d-WRWK8NuGnhaLXY8IiHp5H197W7yjWmXgcQOegb5v6cMgvhuoubHWSpLlAUAHV6-I6BRrfvxmyxHfanmC0AonqpvUrfgoSrnwZLZG0XO4wje98TCgFShPXoEhwQXavIiMPYMHEHzg6XnBE0ges9FxOaoVQDxMKnN8Oy4hClxxbGsPMPIwt4ZVFj8czEXJE0Nw443BkdDo7caqdK1qkpvtJA2E-rx5SRCHL4j4UD3BHkUekrsQly5YY63HHtGr_VZef0fmK6Zi3Es_6v9q3tJKnWoHUWe3noXQzmPB2157Oe8l5JCelITYEC5V8ZRmxaa9Vd2b8YLwLagOMpHB7uic032FvuK1HCjrqABougmQ-5PGJtETdmtUnh9tkAuhzrmPjcKDmh4tXtlTajdU6KHoxxuVIuSIh1Bf3_Byn7dqdsJADFbFKl2bC7ARA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 443F 144 KB
49 KB 150ms
150ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

d80a93a307dcb4cfefbf3f85335c71928b3c072a7087a234dfd0f21cc4ac4c01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50491
x-xss-protection: 0
server: cafe
etag: 4354626914260690200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:15 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E79D 144 KB
49 KB 150ms
148ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Requested by

Host: agent.aralego.com
URL: https://agent.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

8c97d4d25c5521fc38c7cd0f24beedf0f24b7771bff74b9cba199712c58e5c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Origin: https://adx.holmesmind.com
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50547
x-xss-protection: 0
server: cafe
etag: 2335481326862581109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:15 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/ Frame 443F 357 KB
123 KB 168ms
167ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

83d6511371d0fae800801df33b51720b8038ba01f6e11a6f8f8829e06889940b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125683
x-xss-protection: 0
server: cafe
etag: 6847961332411822626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/ Frame 27B0 10 KB
5 KB 148ms
98ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230713/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

age: 17952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 04:43:03 GMT
etag: 12368291122986407432
expires: Tue, 01 Aug 2023 04:43:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 443F 0
20 B 161ms
138ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=true&host_v=false&frequency=0.01&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F2C6 42 B
64 B 146ms
146ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSAJN50edwEzeHYbaXPtdsyxpDRswBN4HwOXHHkM3TUz8XoDW3kuKVQh_-jBNn5mxr1iR2-MwGDBu1kwlD1YVBpaVHC1j-k8vKBlM1xqsZuza08e-6&sig=Cg0ArKJSzOY0NRLkPvsGEAE&id=lidar2&mcvt=1015&p=0,0,250,300&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1911528252&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689673332252&rpt=2365&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/ Frame E79D 359 KB
123 KB 154ms
153ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5cda24bc9ff17a7e2a002bc0cf8c73f2fa72fe16547a8e36aa126ca1c3c0b8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126074
x-xss-protection: 0
server: cafe
etag: 6016625263745071344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 09:42:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 443F 0
20 B 128ms
127ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=2&sig=3&tms=200&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 443F 0
20 B 114ms
113ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=afc_etu&etus=2&sig=2&tms=200&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 443F 107 B
122 B 98ms
97ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A2C4 603 B
66 B 261ms
259ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1689673335&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335261&bpp=25&bdt=892&idt=688&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&nras=1&correlator=2468301889196&frm=8&ife=4&pv=2&ga_vid=1078365856.1689673336&ga_sid=1689673336&ga_hid=1708366869&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1366830207&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826&oid=2&pvsid=2048057344609669&tmod=2040897003&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.wpflkwaiqizc&fsb=1&dtd=748

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 443F 15 KB
12 KB 153ms
153ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230713&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

13bcf20b945b85065d2b380349a5736ed4a0a049fb6ff0cf6765c5eaedfeefa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11954
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C361 603 B
66 B 258ms
253ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1689673336&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335261&bpp=28&bdt=892&idt=708&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2468301889196&frm=8&ife=4&pv=1&ga_vid=1078365856.1689673336&ga_sid=1689673336&ga_hid=1708366869&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1366830207&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826&oid=2&pvsid=2048057344609669&tmod=2040897003&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.a45ul0ye84lk&fsb=1&dtd=771

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 443F 17 KB
6 KB 113ms
109ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307120102/show_ads_impl_fy2021.js?bust=31076133

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:16 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E79D 107 B
122 B 90ms
90ms Script
application/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8619 603 B
66 B 297ms
296ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1689673336&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335913&bpp=8&bdt=1345&idt=307&shv=r20230713&mjsv=m202307170101&ptt=9&saldr=aa&nras=1&correlator=2813576500077&frm=8&ife=4&pv=2&ga_vid=1638357825.1689673336&ga_sid=1689673336&ga_hid=1239706904&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3065304276&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31076162%2C31076187%2C44788441%2C44789818&oid=2&pvsid=1992270276722123&tmod=918775823&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.j0p9eqmrxvyf&fsb=1&dtd=410

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E79D 15 KB
12 KB 138ms
138ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230713&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

0973c61c97de648676ca229ceba0f668c6c178b356342acd386c7007a0ba5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11911
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5397 603 B
66 B 279ms
279ms Document
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1689673336&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335913&bpp=3&bdt=1345&idt=324&shv=r20230713&mjsv=m202307170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2813576500077&frm=8&ife=4&pv=1&ga_vid=1638357825.1689673336&ga_sid=1689673336&ga_hid=1239706904&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3065304276&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31076162%2C31076187%2C44788441%2C44789818&oid=2&pvsid=1992270276722123&tmod=918775823&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ajuf6l8yddxf&fsb=1&dtd=529

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5757 13 KB
5 KB 191ms
99ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1405 783 B
534 B 207ms
118ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

c71047b55b33f236dab7d204d32b4ea9a58226c58ee6012792a91d7461766555

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-c49InUdLPxIw2JiiiQ6lFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-c49InUdLPxIw2JiiiQ6lFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:16 GMT
expires: Tue, 18 Jul 2023 09:42:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E79D 17 KB
6 KB 240ms
155ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307170101/show_ads_impl_fy2021.js?bust=31076187

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 09:42:16 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
785 B 191ms
118ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689673336671&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1533&pt=-1666768528&tz=0&viewable=true&ddast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c5a4caa084e7fd9e1b25d7923cc10c8b7410898f2e6a4b8736cba167b7855ecc

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:16 GMT
content-encoding: gzip
server: nginx
machineid: 1470
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 82FE 13 KB
5 KB 255ms
143ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

accept-ranges: bytes
age: 1593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:15:44 GMT
expires: Wed, 17 Jul 2024 09:15:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0567 783 B
533 B 201ms
140ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

e545d9fc8a2cb7e1464af6906006c64cf24cbfd6b9a4511f660df1deba1cbf9d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XCmtUds6EtRTt6EY6u6emg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: pt-PT,pt;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-XCmtUds6EtRTt6EY6u6emg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 09:42:17 GMT
expires: Tue, 18 Jul 2023 09:42:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1405 0
0 195ms
136ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230713&jk=2048057344609669&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5757 37 KB
14 KB 185ms
124ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0567 0
0 127ms
126ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230713&jk=1992270276722123&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 82FE 37 KB
14 KB 158ms
147ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z4IayZfX88ZX2_EYt94GdYIPN7RJq1GGqWNWESymoNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 08:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Jul 2024 08:17:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5757 0
10 B 83ms
82ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?u2snpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 82FE 0
10 B 94ms
87ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rIcUgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s45-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 09:42:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 443F 0
0 123ms
118ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230713&jk=2048057344609669&bg=!1dal1oLNAAa3SiIRl0o7ADkAdvg8Whgpw3F3t7VQ-2otXFBlt_36P9rh-9iE37UzFfHO_-HACnGmNL21EX-jcgtNnbxswakPnYYCAAAECVIAAAAnaAEHmQMmd-9rIHMz8B3i1loTlJOtAVbDFsgCI-PxB7cxXvN7bV-JEj8WNn5X1awpUOtCjEZTS6S5RvYYFMu97eu5u_CoN1SvYnCJpk0fORsDIcxwq8klJhSSnuoAN7uUfwAv3mcm24yk5chCNpJ-Jy-x9hwtMgv4V6CKOBZ1kGQFLogzdxmPYxLnxSbWJzi5M0WTFDqnW9au9CvgGmI129Ob-uwegIq3t5NcBop9Ffyz0AlOJUSkQEy41wsl1-9eu3btYI0Nn-PXYuU9G6AtngrQXwNQcH0Wn4boi0pLcHxgFst7xvFOrLJdKs3eywcanj1m-DuuPubkTlJ34y-a9VyZWjStUCBcdLeL7K81mobF1Ihn41HGfyzE1jwbe37DHKFrcB2o1NNx6454_RHLzirT8ICqqLBmc9VxMRr0FB-cFk_QSW5X25FdZONZI57tQtjNtl9woGwX7ziTXPOk-lAQv_nc2-YQTYmKQzPA6mNKqavNB00n4evKMqeE4UMqiFp8eDevhgYi0S9Lelf4BVqhUNil3tXaNGJULo3tf24Cz8R8Ma2knoeBxWnyXcHHE9Aa_ox_0S2Rel5pXEBjmfkY927gVzb-TapPdZ4frARjj5WKj2kC0GXP_Nqak-zm1m2al7etBr5Ekp_S8xJzHfxYFMtfnE99DnRa_ebBdZikENn0Mys2RHLZrEX9cyPSxMv-y78NkK5TAYiOE2Aa0kZSKXNRxQsUFdsY9hysFyekiE6oZmceW0H5EF2ydj2v6xsrWR62MWAlbJssC_q8W9WA-IHKGOOigIyt4XYx77QVMivH1ZyBVWv_3HFZFOQ6QDhD_TqvYSSm1BKGLfE_5B9aT_V1veRkKTRE3GVeX3PWhcQu_1fDm1kBh8C5v9AAIvWkJgo3XO4vur36H0lbKOYMZwdRSPtmGZPwcf8ZdB1k_mNfIYEz8w5U6gmZg7n8zV4Tx6nTXNdKpbYuAmQYfzdMHVjX9HyedAQPu8vvQi-aMSoiNTg9GkXEk5KssyckyTl0o8GSL4CU2AMuqdx03g5mGC9Na6X5okq1bPx6G-violteohBUz1t1RR4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E79D 0
0 114ms
114ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230713&jk=1992270276722123&bg=!BgWlBVHNAAa3SiIRl0o7ADkAdvg8WsqlxmH1cUam200mwaZhb8cKvj_fDu88Qs4yUlzcIjauObc5Qe8QAjqQGjAHaHXqwMD6tKMCAAAERVIAAAAxaAEHmQM1KqidxssfMlBEPu1uxE40euWoOhvX9kYMfasgTal3Hx7oYej7535i1zlM982x_Ig8kh0m3wTA21AGk__FIrQUIEbiDRhhJZV0-NZnsQywAEfkRGxfCWqHq_Knke-iNmULxvJtFHyDWXDDz93woZLo1cp0VWnoYaO1979cK-c4lNdNDk9xzlYCsM7b4tmnerDAHli9Ct8w1oubDSihLAJsSGTscKUhSik5fxX4LFhmFkF0mTUBkx3Fyzt-lXjJtTSQqpCk6131eN9bfl9nLo3oHUi3btiWOSW9J0_ezrj9PFu-ndWzmnNLClLcrnCkUClOmKyOsUDsZBw8ffsnwVB3XR4f40I8BDoCHDjn0oyLutQ0oEENiKApG1yzlgi3ERjh7cfWDlsJSeA4Zmhrz9zwlIrw_uzN2ybmXcXh4XH8BFrw-WiOAi4-G8OErjoVSAvxwz7IdCNda5HRjYcuORGi9diTHNQNMzdNiuGUWCzx86fq6s8xPz0uzbVJK9kVlWkHTIOiDB-k15EekPHn00oCpr3I8H8WTTOYupQ0-QYQ_nQ5q1ziWzoAy-6BdanGBwZ9jWkNTYRyojoRIbZukU53DhcKXAGVzfAUUoGuSpLav2SfTk1Xai_E2I4vP_oR3MpfxZ97VxI1nojrVvHRI-r-hQ8kAfIZD4MH4QBoDVHG_qfFeiyXpielvlU8rxYjdHCE3lK8KLRcoBxkE75cIECYHu9FHc1BWYSYlW_1WpcNtvKDkohNPlIEryYbPjhcL4XFyRs5szl1XIUcu2iYQMQMp-E_uKHxvDJjCbx8cYSbf1-uvr4qvwKx58WbOXltpeYGV4MhyruPSnv1x3wIWzNClSQ9dXY169ARAA_KL6mGiJrqHox-b9kd6fFCvW2Yy4v6vL_NKD4ZAH6NN8T7ZeQdLISFrCTVUozKwzJs9w2CYByKlSepzTSosibOqxDAwJ6-h2IafppD8EUg71gIiJB6GQUk65ntMnDgKpSQbkf12pKTxI4S_s8lZk8CkMACNAt0FUsy0vYNii60J7uKQZIFz6wHxMQoTsB6gqKzCi5mICZcGRyetOKGSAEQMh46VFFeiA7suz4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pt-PT,pt;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 2 KB
784 B 118ms
118ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689673339554&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1533&pt=-1666768528&tz=0&viewable=true&ddast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 394498f935272797b1683f43bef6d876bdd4ee30870ca63b5888bb4df55d0aa8

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:19 GMT
content-encoding: gzip
server: nginx
machineid: 1474
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
785 B 118ms
117ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1689673342561&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1533&pt=-1666768528&tz=0&viewable=true&ddast=V8yisCLAaQ1u3p1ZvivhIgrdvTqzfFfS0AAABgYID-AEmNJrbNZrda6xbO3Vo0WgzXyonNtBbNXCbnwjRyjIwLIyCp0cS22exWa93CuVuLRovhWjmxmdaimcvkXJhGjpFxYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZtaDodPte9Xvf73SU-z1zj9yv8aofTLXza3Rqjy605Otw6v-stfDrsbqnTrfO73pqj0632uzVGl1tzdNndmodb6HK6dX7XW_h0uSUOv1v4tPvcGqPLLXjafW6F3S40vc12AAAAAPDg____HwIAAABABAAAAAAJAAAAABQCKvxbELgAAAAAgOH___9fA8AqBwN2ei5-uz8AAAAAgAAAAAAgAYCAflgCIMZ478T_________f4wB-swbGf____83DHoAPPgAeBACAAAANKQK7LozDyjbg0iBbBFGAAAAAIY98QWOTNIJKhZV_v__-60AXAEACEhEA7PuyqI7KPEWBgAAQGDMAj0sfr_ZYdf43S7z_________2_m_8w_GiGN-uE0wRKPXGp-AQEA1vwCAgCwUTcAAG8C4AQdglYMBqsTELMDAAAAcOf___9fD8gNBoPFbLaZWVyr3WpjG86cu9Vi5HB4fCvXYmPbHnbUj2ynayuPPhvCMvt9BwXl9PSYXQYZy2UyiA8ahuVkEMzPhC1Gq8lksxzOlovJYDgajkb7I4DLAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDAxHIyWE4txrXCsFm7RYrdZKzwbz1q2mKyck8XGNZuM3KLXx3Rx2FyelceLBAPq9iJ5WqQT0cpkMw4nk8XItPIshyPXcrQaTkye5Waz8K1cm4lYojlZpBPZZd8bDAaL2Wwzs7hWu9XGNpw5d6vFyOHw-Fauxca2bwwHo-XEYlwrHKuFW7TYbdYKz8azli0mK-dksXHNJiO36PUxXRw2l2fl8Tdmw-Vst9lMRvvGbLic7TabyWjfoTN8V5-zUVlWST4m8_Iz7nltToPCZbB4n9-LNLQz2ow-zVdiUT3FOc_EKvT7_X6_3-_3-_3ejdngMRgMM492mxi7_JrNT3nUeA8GRSwRXKQTwcPsdphebonPs_FbxBKl6SKd6BV-tcPpFj7tbo3R5dYcHW6d3_UWPh12t9Tp1vldb83R6Vb73Rqjy605uuxuzcMtdDndOr_rLXy63BKH3y182n1ujdHlFjztPrfCbhea3maLWCI4XaQT0ct4uqj_qCGWq7liNZxLRsO5ZJUAAAAAAAAAACzBNNNNAAAAAJwMargZLlbrdDCT2WSwWy0XwEVQli5gEAAAAAAAgGKNPdYAD7PbYXq5JT7Pxm9lABLMecw2-4wg1mq1rAEAAAhgAwAACOCmG28CsZi4_____3EAAABk5NADAACg3weUBQAAAAAAwG-gVYP9A1Ah1mq1ut1Yq9UC!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=dupplfs1_vB!ll411_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.0/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c5a4caa084e7fd9e1b25d7923cc10c8b7410898f2e6a4b8736cba167b7855ecc

Request headers

Referer: https://www.bg3.co/
accept-language: pt-PT,pt;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 09:42:22 GMT
content-encoding: gzip
server: nginx
machineid: 1471
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/16e13167ef5fb6653a9690eb7330820f.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202201/5b74d4a4edd55797af9096fd1258efc2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/edce7d91255a0c3e264393d73a6608d0.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202203/7ef474d0efd277a8eda6b7b7fd5aaf45.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/46b68dbdfa5d9e8ac31dac2eceda873b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/41081485efbf02a4e47f3a8069256678.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/3b5ef5f186da2165771f211fa87688a7.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/1a39184c5bc4efb9c8b41207f4702994.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/56a4fc859e17f15c3e1c5b62f69475a9.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c6ee0e5a1e78dd85dd8957906f01b836.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2f3bc35b415ec3352a8b1a9823425336.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202205/0058612b87888cce9b44acce649ef960.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2268997d83891daa8e6c49265fd3033c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/742aef3f788db837fb2cdb5fc7d000dd.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7ebdad95f85c484b25bfbeaab18f9193.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/f5442d4cb7e33006808c3fe7c1b6b946.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/9e2e6e204892f4a5d13c61ccb52bc35c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/f4e9062126afded7623ed5249d1790fa.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/1f46bc152018d2ec8745b3535d1ebfba.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.aralego.com/	1970-01-20 22:06:49	Name: sspid Value: 93074214-e49a-3af9-b83d-9bbf357fd927
.aralego.com/	1970-01-20 22:06:49	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:06:49	Name: gdpr Value: 1
www.bg3.co/	1970-01-20 22:06:49	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D18049bb8-a15a-4173-a3c3-612e921c562d-tuctbafe3ec
.www.bg3.co/	1970-01-20 14:04:25	Name: _im_vid Value: 01H5M61PT4NBWRTR3JQ3DMXN9J
.quantserve.com/	1970-01-20 22:51:27	Name: mc Value: 64b65e6f-63de0-6d8f9-62ae3
.bg3.co/	1970-01-20 22:45:42	Name: __qca Value: P0-13850394-1689673325806
.adsby.bidtheatre.com/	1970-01-20 13:31:18	Name: __kuid Value: 913a00ac-e2b0-44a5-be70-3cbcb3d20dde.458887327
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjEyMjQzNjI1NBfiM9S1SA4tyKp0j_AOzs4GAMKszGwlAAAA
.rfihub.com/	1970-01-20 22:42:49	Name: eud Value: H4sIAAAAAAAA_1vFyGtoZmFpZm5sbGRuaWwOAIh0SGIQAAAA
.rfihub.com/	1970-01-20 22:42:49	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTI2NjM3MjEyMjQzNjI1NBfiM9S1SA4tyKp0j_AOzs4GAMKszGwlAAAA
.bg3.co/	1970-01-20 22:42:49	Name: __gads Value: ID=955c16d0c9c797c3-2269c0edbfe200e4:T=1689673327:RT=1689673327:S=ALNI_MZ2r0qQqhMQs9ljCQVtztjh8nWBrg
.bg3.co/	1970-01-20 22:42:49	Name: __gpi Value: UID=00000c3ecafb29eb:T=1689673327:RT=1689673327:S=ALNI_Mb08usQwakiU3iZYJx2F-SJn3fB7w
.doubleclick.net/	1970-01-20 22:57:13	Name: IDE Value: AHWqTUlvtCbpgcYWKH6v1fH12fGPQJl6TotKo-r4zrZvizg2O-M6h-oLm0s3AMVvHGg
.bg3.co/	1970-01-20 22:57:13	Name: _ga Value: GA1.1.791826794.1689673328
.bg3.co/	1970-01-20 22:57:13	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1689673328.1.0.1689673328.0.0.0
.amazon-adsystem.com/	1970-01-20 19:32:44	Name: ad-id Value: A33c4zCfBUvkqUj1NNOLB4M
.amazon-adsystem.com/	1970-01-20 22:57:13	Name: ad-privacy Value: 0

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/16e13167ef5fb6653a9690eb7330820f.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/46b68dbdfa5d9e8ac31dac2eceda873b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/41081485efbf02a4e47f3a8069256678.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202201/5b74d4a4edd55797af9096fd1258efc2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202203/7ef474d0efd277a8eda6b7b7fd5aaf45.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/1a39184c5bc4efb9c8b41207f4702994.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/3b5ef5f186da2165771f211fa87688a7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/edce7d91255a0c3e264393d73a6608d0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/56a4fc859e17f15c3e1c5b62f69475a9.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c6ee0e5a1e78dd85dd8957906f01b836.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2f3bc35b415ec3352a8b1a9823425336.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/f4e9062126afded7623ed5249d1790fa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7ebdad95f85c484b25bfbeaab18f9193.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/1f46bc152018d2ec8745b3535d1ebfba.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/742aef3f788db837fb2cdb5fc7d000dd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/f5442d4cb7e33006808c3fe7c1b6b946.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202205/0058612b87888cce9b44acce649ef960.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/9e2e6e204892f4a5d13c61ccb52bc35c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2268997d83891daa8e6c49265fd3033c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2EvbWFpLXhpbi1jaGUtc2hhLWdvdS14aWFuLWppLWdvdS1zaGktbW8tY2hlLXNoZW4tc2EtaGVpLWdvdS14aWUtYmFvLXhpbmctY2hlLXBpbmctYW4uaHRtbA==.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782693&lmt=1689673335&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335261&bpp=25&bdt=892&idt=688&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&nras=1&correlator=2468301889196&frm=8&ife=4&pv=2&ga_vid=1078365856.1689673336&ga_sid=1689673336&ga_hid=1708366869&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1366830207&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826&oid=2&pvsid=2048057344609669&tmod=2040897003&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.wpflkwaiqizc&fsb=1&dtd=748 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771307&pi=t.ma~as.9099904862&w=300&lmt=1689673336&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335261&bpp=28&bdt=892&idt=708&shv=r20230713&mjsv=m202307120102&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2468301889196&frm=8&ife=4&pv=1&ga_vid=1078365856.1689673336&ga_sid=1689673336&ga_hid=1708366869&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1366830207&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759837%2C44759875%2C31075813%2C31076010%2C31076133%2C44788441%2C44796826&oid=2&pvsid=2048057344609669&tmod=2040897003&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.a45ul0ye84lk&fsb=1&dtd=771 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=376782690&lmt=1689673336&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335913&bpp=8&bdt=1345&idt=307&shv=r20230713&mjsv=m202307170101&ptt=9&saldr=aa&nras=1&correlator=2813576500077&frm=8&ife=4&pv=2&ga_vid=1638357825.1689673336&ga_sid=1689673336&ga_hid=1239706904&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3065304276&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31076162%2C31076187%2C44788441%2C44789818&oid=2&pvsid=1992270276722123&tmod=918775823&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.j0p9eqmrxvyf&fsb=1&dtd=410 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712771304&pi=t.ma~as.9099904862&w=300&lmt=1689673336&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1689673335913&bpp=3&bdt=1345&idt=324&shv=r20230713&mjsv=m202307170101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2813576500077&frm=8&ife=4&pv=1&ga_vid=1638357825.1689673336&ga_sid=1689673336&ga_hid=1239706904&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3065304276&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31076162%2C31076187%2C44788441%2C44789818&oid=2&pvsid=1992270276722123&tmod=918775823&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ajuf6l8yddxf&fsb=1&dtd=529 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a9c77ec73b57b67966354804facfdfd.safeframe.googlesyndication.com
1d7b474b70eb67bcb6923a03ca70b886.safeframe.googlesyndication.com
38b6432ed8425dc66a05270e66c3b4b3.safeframe.googlesyndication.com
a0020eb1a4c717861f6a21fdc8f4cd9d.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
d-18319306701138821320.ampproject.net
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
il-trc-events.taboola.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsby.bidtheatre.com
match.adsrvr.org
nt.compass-fit.jp
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
rubiconcm.digitaleast.mobi
rules.quantcount.com
s.amazon-adsystem.com
s.yimg.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
static.bg3.co
103.231.174.251
104.26.4.103
108.156.60.96
108.177.15.155
13.114.150.222
141.226.224.32
141.226.228.48
142.250.184.234
142.250.185.136
142.250.185.194
142.250.185.206
142.250.185.227
142.250.185.66
142.250.186.33
142.250.186.34
142.250.186.66
151.101.193.44
151.101.65.44
162.210.196.208
172.217.18.100
172.217.23.110
172.217.23.97
172.64.136.31
178.250.7.13
18.66.122.127
18.66.97.52
185.106.33.48
188.125.72.139
192.96.203.13
193.0.160.131
2.16.202.121
2.23.209.46
216.58.212.130
216.58.212.162
23.218.164.71
23.53.40.242
23.97.225.52
3.233.145.251
34.120.96.193
34.241.131.206
34.95.81.168
35.186.215.140
35.71.131.137
52.46.130.91
52.95.115.196
54.249.104.171
54.93.152.109
64.227.64.62
69.16.175.10
69.173.144.165
69.173.151.100
87.248.100.136
87.248.119.251
91.228.74.159
95.101.149.233
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01afc9d74eca107f9dba9bc329542d6c54ac97538196b2f38d8c5593f3180598
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0469a166341589dcdcce75a1ca717f923f264d964802e4211d6396a8c38bc5d1
060dbeeec45d3877f648acff05e866d0fe3bee5347a9e107db6aba41426a61cf
064622a2cb814cda1595c65e6747736773aae930ee40afcfcabb0fa729a632e1
0681b7df71cbec317e983cfe7ee669cb93e3bbfa8001c56d74fba078f70e2d5b
0973c61c97de648676ca229ceba0f668c6c178b356342acd386c7007a0ba5967
09a0b785293fb6455314ac00ab81bfecc39c435f37b5653dcf93a612edb3c93e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0d95f2a890dc3411bd88d2edf2503bba5f4f287948fe8961f134200c2f7681c4
0e6b5bbca42157b97d47e0c70980d08d309762466caf6a0dcb8822a60580ca2a
10183d5a68f7bc154fc847bf06ffa7eab682922e435794c3581717d749242113
1100c82f6a65084db37c7d6ec16c37136199b898bdac3bf0522841cdbfdf6ebb
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
13bcf20b945b85065d2b380349a5736ed4a0a049fb6ff0cf6765c5eaedfeefa1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1bc5c1253bf61376d888d0f55afd4630abb3ffc8ee3c0b6be00e16585c172316
1bd9747d89536ff38e153383ebd96c96899946be1969af036d88323c371a62bc
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1f62002f80dafa3a5e9cae8792c5500d0fb847f479752fa3f1eb2607495f7901
2125a0368b75a7586c5106cbcc2411e82ea97e5177841cfed169c004223f1aab
220b8755839d4a62c052b987d8ed0cc7061d3eed236ef0a959a41745cfbca5a1
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b0e93786481f17c19375c1d144311330f37905a8471af93dccb746be3e7c92e
2cc0037e1a4737627c4c2c8f1a3a14398329c1ec88b76eb98c1357dc2359e1ca
2d03cf7a30869074694017384f91d778711d030d3b18914bc24183626e904ab2
311d28a7744f147d36746147ac2b7c091f1efe1992ec61160fff9f6ce3a7b30e
31a1c0d06015f78dbc83b2e0848a1e0a7eb2ed4060c6e85aebf4b622c24735b6
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36eb7db7a1ae79db82ff786cbcbbacfdd7057c144f85e4927ab6d93fc01c13d3
394498f935272797b1683f43bef6d876bdd4ee30870ca63b5888bb4df55d0aa8
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b0dc1f1f3d6e6edd3a8200f35354f0103c0d01c443ab469ea8a05d8e9755f98
3d095b131085a70278cddd03374bb730826241d99fb18df5aa94a213e67a21ca
3d4238cf67c7de99232ebec7c1be094ddccfc643f47655059875422c5d70520b
3d860ba6769f8f51f4f456a8746bc51d24333fb72f50b69e6dfb80b239f7f22f
3dc4250b258106839b24e88e25a3fb976674b95d467b7add6761dfba6eb14c4a
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46942117c2cea12066fca7e1898475f6f762559ee52d2fce1e08f12d7fe2c700
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ba2a5f2d74cd9941d09d0da725f620af02aabea20a8f489391240df67552615
4cd122d5d5fd1d51de4b006bb6a25db3e9002146289dc8ffe2d56f313508e82a
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
520e3268ae5db11cef295f493721ed450e1d9666bc2d24235ef4e3b2837337de
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5598d6ff50f77584df138197b258d8f0c8ed1133a1ee872014d3db224effe852
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5962135eb2e88f4889b9bf417b0ecebfee05ca1ed67211649ccf9f65a3d34d12
5a42323e0b1c4e0d4d08124e092838d317dec3536cedfeb797380f02c1ebc132
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
5cda24bc9ff17a7e2a002bc0cf8c73f2fa72fe16547a8e36aa126ca1c3c0b8d2
60df759810846b32f0ec6e3a502130ea2618b3673e1bbb3de4f6cb867d974c3b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
63ba84abe31d88779e7453e08095a9255e91d4550ae230bb3756acd66c4a3439
6692d8a5a14b43ea79f4f2c831f0efacf19cdc9915516dc0a4d883457ce89cb4
66d027e66c78d7572ee27c513433b6e7bf711e6033a564cae04397c713e79bb9
690964dc7677739af15182f897b06197652f5c4a99510925314f7ec1e7886f5a
692b334fbff1c2f43bbd07c46f2ec5fc6ea19346adf9885c41ce6d0e48b5d251
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6ad596ed16a501242fa0fdf511aab6298ab68b9412ed830a27a795455e79a780
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e823c7621b0d6e7ffbeb85154df3f87310b493abf3f9ce5b20be65081c5828e
74d147083935eff827ac2e4ed54fc2e7dd254cab52095a0e4aa6159d8ffb470f
7bf169808c7dca78ab9148d52fb3fd8aeccb95f9685289053bb848b058d16c3f
7e9a0eee24552685c01e4a0226727549b596c7a3cce9250aea58bcfd2f628600
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
80d67d1eb8f1a8b45d9693c879292a7776fc68f19fb21584c3daa54fdbc96401
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d6511371d0fae800801df33b51720b8038ba01f6e11a6f8f8829e06889940b
85bc8c2064c97cb08fd7e7a287e0d472c13a0d2a58a8b324064ce9b441a07f4f
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8c97d4d25c5521fc38c7cd0f24beedf0f24b7771bff74b9cba199712c58e5c02
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e51089d22c99aa4d9196e60c2d527a2352b8a139fb3ca86e89cc9fa2c1b7a36
90749ff55eef5ddcfb2a33f1844851df55d8dd94e11459574592b980378c1ff8
9153ee7b70130ab16562030738889cf8229edf0a38a7cdeca3c45ce1c63ff558
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93ec65638143248137b048a42ea6e690fef07cfbd4032cb5eab43812076f51a6
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9b6759f743c5b103f7872b7f7d44d5a4da400665dadfbe42cadb58e83c75461c
9c6b55a00b28947bff02f240888a216be90be1082298cf5d9c6d6cc3994ddf75
a05661fc8d80e02231e3db45dc1b6ed0e1bdafc33f163ffebf0d1687b21587f3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a278d9459c8a7c717423ad4989df1b5097095b847a9c1a4549d1cd5dac3aca15
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4833c55f15f0f887c178e35b9582fd2e22ef417ee206e7c81af346ba4f4f0a9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
abeb202ca0eb08d7c9190ea9edc89ea1a192c0b6a8516ed056c38d0ace783b3d
b065acdf513599d47661cb09ebad8758310db063a785c16b3401c083436c6c05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176f8262e8f01581fe97aff65ffd0aef832e4285f5fb575c567e6657566e748
b29b68988feff019de3d41852456ce8d2e0b55a09d5cc350cfe9ac7e1bc3b26a
b393065f31b0140779aab2af150e1e39c75cddd31a0ef18a72d6274c6d6a06a5
b39ed304e6d8272a15859e8b5529a7ca383beb8ae3e0cafc34a37b72af1f9aeb
b54317c30226c1f7f8dcdce527c10de0989837ccab76570cdb49db7c9a0d5845
b6229c6faf2f603177d9e9e0fc95bd2e8da58f659a97415518ddcdc9f5f99b0f
b7516493a830098b2e7835ec2a3f1696be0447d28a5be516c0f005eb20f4d7cb
b751c7ef24b8a91a3ed44c775ad011332e5b399eb0faa4a3da5b15fa99e70ef4
b9fa38a4a4fc46d86399d8cde257e9ab91d9a08ef31d24bab62f57df92a674b2
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bb7427fcba6d2ea8377b45f697df70ebd883ca592f178e3cc0a69a89ec9485da
bc45774beb951bd61e0281013afc3619583f9e59b00f47f709fcd06b82fa70eb
bca22b8906a0fcf316d42d0a0e41aa2291afce21ba6c8e41b7c5e6e6da0d480c
bca8fdfee310fcbdd351101da070fd837f9be15e7e443ebf73c76772964fadd3
c0288cc6634e8931c1e32db97d1b23ec27c9df5638610625d53ac04972bc16b9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5a4caa084e7fd9e1b25d7923cc10c8b7410898f2e6a4b8736cba167b7855ecc
c71047b55b33f236dab7d204d32b4ea9a58226c58ee6012792a91d7461766555
c7957cb5d31c5fe5776a6265fb232b4e6d389e7640555fb4274e7d4e8b4169e5
c7acc881e9cf06986917157dec024e7ece426958d682a62c69d73bd0068c03ed
cd270c1fd09babb8b13e6edfcfe334bf353bfe953dca73e5d938a8951db8adae
cf821ac997d7f3c657dbf118b7de0675820f37b449ab5186a96356112ca6a0db
cf90fafe87467629de54d30ad2a7aa91d751f4aa2e734d20c0f4d5211455fcba
d16b7e791947e153bd624220a710934e78b687ddb2ff2315adf78da32a953431
d39550a78e4e3a4052864d787da808fef03341acd261a610002cc68cc9c6dda2
d5656ba3004db4c16838167fc60c65845406d9c28331483afc80840a1f07acf8
d80a93a307dcb4cfefbf3f85335c71928b3c072a7087a234dfd0f21cc4ac4c01
d87c2fedac29b7103d7b6b3cba3f23547ae3fdb319eded5937d23c10154dacc1
d9ceebf892c9a6b44db2158869110bb36e2ea529b4630fac1003e0626996db10
ddf8ed50c8e98fd5487859d7b60442e342e76496191eaecca316ffdffa437a5d
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e1a56d876538cdf66ae578f226857855caa19e371e0f4eb0cadee535206f5fe5
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e545d9fc8a2cb7e1464af6906006c64cf24cbfd6b9a4511f660df1deba1cbf9d
e763ae6619d2ac1bc90c7092d781922dc2116ea3a1e0deed7886f18c0a665152
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef74bcb1232541f20d664d9aaa42000fefdf195a3698d18182bc3c1048b8ebeb
f63cd5b08dc57ade5c364b9487df44c395945f72963cd4f36f6d50bbf969e21c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f76a147cbe130718d6c2e85d94d52d1e9334b6539b63ba1e5a25975d99ea8db3
f8812c7f4caf660eb00f1d5301c8777f53df14ae2814cb43396eafa4e9398033
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

311 Requests

90 %HTTPS

0 %IPv6

36 Domains

72 Subdomains

52 IPs

9 Countries

4313 kBTransfer

12157 kBSize

18 Cookies

13 Outgoing links

Redirected requests

311 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

311
Requests

90 %
HTTPS

0 %
IPv6

36
Domains

72
Subdomains

52
IPs

9
Countries

4313 kB
Transfer

12157 kB
Size

18
Cookies

311 HTTP transactions
3 data transactions