urlscan.io logo urlscan.io
SecurityTrails logo

www.app.bigonline.top.enquetebbb.com.br Open in urlscan Pro
67.225.224.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Submission: On January 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 67 IPs in 2 countries across 76 domains to perform 372 HTTP transactions. The main IP is 67.225.224.10, located in United States and belongs to LIQUIDWEB, US. The main domain is www.app.bigonline.top.enquetebbb.com.br.
TLS certificate: Issued by *.enquetebbb.com.br on May 22nd 2018. Valid for: a year.
This is the only time www.app.bigonline.top.enquetebbb.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 67.225.224.10 32244 (LIQUIDWEB)
11 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
109 3.162.103.34 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 19 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
15 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2602:803:c002... 26667 (RUBICONPR...)
2 2a02:6b8::90 13238 (YANDEX)
2 174.129.160.16 14618 (AMAZON-AES)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 2620:100:a001... 19750 (AS-CRITEO)
2 7 68.67.179.155 29990 (ASN-APPNEX)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.190.0.66 15169 (GOOGLE)
10 25 172.253.63.154 15169 (GOOGLE)
1 1 20.253.86.149 8075 (MICROSOFT...)
3 4 74.119.119.150 19750 (AS-CRITEO)
4 4 50.31.142.63 23352 (SERVERCEN...)
1 2 23.209.57.154 16625 (AKAMAI-AS)
1 1 23.222.12.11 20940 (AKAMAI-ASN1)
2 142.251.111.155 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
9 23.41.168.23 16625 (AKAMAI-AS)
1 23.200.0.22 20940 (AKAMAI-ASN1)
18 23.55.204.22 16625 (AKAMAI-AS)
2 23.46.156.31 20940 (AKAMAI-ASN1)
4 4 52.5.107.83 14618 (AMAZON-AES)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.227.252.103 15169 (GOOGLE)
1 1 54.146.141.15 14618 (AMAZON-AES)
3 3 35.207.24.140 15169 (GOOGLE)
8 8 35.211.178.172 15169 (GOOGLE)
7 34.111.96.116 396982 (GOOGLE-CL...)
1 2600:1901:0:c... 396982 (GOOGLE-CL...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 23.55.204.206 16625 (AKAMAI-AS)
4 5 34.200.65.202 14618 (AMAZON-AES)
1 151.101.193.108 ()
4 23.55.205.215 ()
2 11 52.223.22.214 ()
6 6 3.33.220.150 ()
2 13.107.42.14 ()
2 3 50.17.250.107 ()
2 2 35.211.233.246 ()
1 1 23.73.244.44 ()
2 2 199.38.167.130 ()
2 23.41.168.202 ()
1 1 69.166.1.35 ()
2 2 34.98.64.218 ()
4 4 69.194.240.13 ()
2 2 50.116.194.21 ()
1 1 131.153.148.2 ()
14 21 69.173.151.100 ()
1 8.28.7.81 ()
3 6 52.46.128.147 ()
1 38.91.45.7 ()
2 14 8.28.7.83 ()
1 2 151.101.66.49 ()
2 2 173.231.178.83 ()
1 1 192.184.68.254 ()
7 162.248.18.37 ()
1 1 100.24.202.120 ()
1 1 54.225.192.239 ()
1 2 3.232.179.229 ()
1 1 82.145.213.8 ()
1 1 69.90.254.78 ()
2 4 34.111.113.62 ()
1 40.76.134.238 ()
1 1 34.150.170.96 ()
1 8.28.7.84 ()
2 2 52.45.111.235 ()
2 2 159.127.42.236 ()
1 2 204.2.226.29 ()
1 34.198.133.245 ()
2 2 207.198.113.203 ()
2 2 185.167.164.49 ()
2 3 67.220.226.234 ()
2 2 52.73.64.253 ()
1 23.204.152.232 ()
1 2 172.64.146.152 ()
1 2 63.251.86.51 ()
1 1 52.85.151.4 ()
1 2 52.85.132.4 ()
372 67
2    67.225.224.10 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host04.mezzor.com.br
www.app.bigonline.top.enquetebbb.com.br
11    2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
12    2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
109    3.162.103.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-103-34.iad61.r.cloudfront.net
cdn6.votarenquete.com.br
3    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2606:4700:20::681a:f79 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
19    2607:f8b0:4004:c07::9a (Washington, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2607:f8b0:4004:c07::8b (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    2607:f8b0:4004:c09::8b (Ashburn, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c19::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
15    2607:f8b0:4004:c08::68 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4004:c0b::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4004:c1d::84 (Washington, United States)

ASN15169 (GOOGLE, US)
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
13    2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:10::6814:e280 (United States)

ASN13335 (CLOUDFLARENET, US)
id.navegg.com
2    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
bs.yandex.ru
2    174.129.160.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-160-16.compute-1.amazonaws.com
tlx.3lift.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
7    68.67.179.155 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
25    172.253.63.154 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f154.1e100.net
cm.g.doubleclick.net
1    20.253.86.149 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
4    50.31.142.63 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    23.209.57.154 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-57-154.deploy.static.akamaitechnologies.com
sync.teads.tv
1    23.222.12.11 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-222-12-11.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
2    142.251.111.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f155.1e100.net
www.googleadservices.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
gum.criteo.com
9    23.41.168.23 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-168-23.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    23.200.0.22 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-0-22.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
18    23.55.204.22 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-204-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    23.46.156.31 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-46-156-31.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
4    52.5.107.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-107-83.compute-1.amazonaws.com
pm.w55c.net
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    54.146.141.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-141-15.compute-1.amazonaws.com
cc.adingo.jp
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
8    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
7    34.111.96.116 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.96.111.34.bc.googleusercontent.com
dts.clnmde.com
1    2600:1901:0:cba2:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
dts6.clnmde.com
6    2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
1    23.55.204.206 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-55-204-206.deploy.static.akamaitechnologies.com
pixel.mathtag.com
5    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    151.101.193.108 (None, )

ASN- ()
acdn.adnxs.com
4    23.55.205.215 (None, )

ASN- ()
eus.rubiconproject.com
11    52.223.22.214 (None, )

ASN- ()
eb2.3lift.com
6    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
2    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
3    50.17.250.107 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    35.211.233.246 (None, )

ASN- ()
a.sportradarserving.com
1    23.73.244.44 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    199.38.167.130 (None, )

ASN- ()
p.rfihub.com
2    23.41.168.202 (None, )

ASN- ()
ads.pubmatic.com
1    69.166.1.35 (None, )

ASN- ()
sync.go.sonobi.com
2    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
4    69.194.240.13 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
2    50.116.194.21 (None, )

ASN- ()
ad.turn.com
1    131.153.148.2 (None, )

ASN- ()
server.cpmstar.com
21    69.173.151.100 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
1    8.28.7.81 (None, )

ASN- ()
image6.pubmatic.com
6    52.46.128.147 (None, )

ASN- ()
s.amazon-adsystem.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
14    8.28.7.83 (None, )

ASN- ()
simage2.pubmatic.com
2    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    173.231.178.83 (None, )

ASN- ()
cm.adgrx.com
1    192.184.68.254 (None, )

ASN- ()
cms.quantserve.com
7    162.248.18.37 (None, )

ASN- ()
image2.pubmatic.com
1    100.24.202.120 (None, )

ASN- ()
sonata-notifications.taptapnetworks.com
1    54.225.192.239 (None, )

ASN- ()
sync.srv.stackadapt.com
2    3.232.179.229 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
4    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    40.76.134.238 (None, )

ASN- ()
us01.z.antigena.com
1    34.150.170.96 (None, )

ASN- ()
um.simpli.fi
1    8.28.7.84 (None, )

ASN- ()
image4.pubmatic.com
2    52.45.111.235 (None, )

ASN- ()
sync.ipredictive.com
2    159.127.42.236 (None, )

ASN- ()
pubmatic-match.dotomi.com
2    204.2.226.29 (None, )

ASN- ()
pmp.mxptint.net
1    34.198.133.245 (None, )

ASN- ()
rtb.adentifi.com
2    207.198.113.203 (None, )

ASN- ()
pixel-sync.sitescout.com
2    185.167.164.49 (None, )

ASN- ()
c1.adform.net
3    67.220.226.234 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    52.73.64.253 (None, )

ASN- ()
match.prod.bidr.io
1    23.204.152.232 (None, )

ASN- ()
hb.yahoo.net
2    172.64.146.152 (None, )

ASN- ()
capi.connatix.com
2    63.251.86.51 (None, )

ASN- ()
ce.lijit.com
1    52.85.151.4 (None, )

ASN- ()
live.primis.tech
2    52.85.132.4 (None, )

ASN- ()
sync.intentiq.com
sync1.intentiq.com
Apex Domain
Subdomains		 Transfer
109 votarenquete.com.br
cdn6.votarenquete.com.br
2 MB
55 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
301 KB
29 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
hblg.media.net — Cisco Umbrella Rank: 2922
contextual.media.net — Cisco Umbrella Rank: 1093
warp.media.net — Cisco Umbrella Rank: 3492
lg3.media.net — Cisco Umbrella Rank: 7860
cs.media.net — Cisco Umbrella Rank: 1972
173 KB
28 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
45 KB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
337 KB
25 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
33 KB
21 google.com
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
2 KB
13 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com
7 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 878
dis.criteo.com — Cisco Umbrella Rank: 943
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
10 KB
9 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
6 KB
8 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418
ups.analytics.yahoo.com — Cisco Umbrella Rank: 505
pr-bh.ybp.yahoo.com
3 KB
8 clnmde.com
dts.clnmde.com — Cisco Umbrella Rank: 26911
dts6.clnmde.com — Cisco Umbrella Rank: 33353
2 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
4 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
acdn.adnxs.com
34 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 navdmp.com
tag.navdmp.com — Cisco Umbrella Rank: 45211
usr.navdmp.com — Cisco Umbrella Rank: 50426
cdn.navdmp.com — Cisco Umbrella Rank: 33736
sync2.navdmp.com — Cisco Umbrella Rank: 78647
sync.navdmp.com
6 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
128 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
4 tapad.com
pixel.tapad.com
1 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
us-u.openx.net
1 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1620
3 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
292 KB
3 1rx.io
sync.1rx.io
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1932
1 KB
3 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3016
pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 25250
47 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
184 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
5 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4237
onesignal.com — Cisco Umbrella Rank: 1212
73 KB
2 intentiq.com
sync.intentiq.com
sync1.intentiq.com
2 KB
2 lijit.com
ce.lijit.com
1 KB
2 connatix.com
capi.connatix.com
523 B
2 bidr.io
match.prod.bidr.io
1 KB
2 adform.net
c1.adform.net
1 KB
2 sitescout.com
pixel-sync.sitescout.com
938 B
2 mxptint.net
pmp.mxptint.net
967 B
2 dotomi.com
pubmatic-match.dotomi.com
744 B
2 ipredictive.com
sync.ipredictive.com
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
835 B
2 adgrx.com
cm.adgrx.com
1008 B
2 everesttech.net
sync-tm.everesttech.net
766 B
2 turn.com
ad.turn.com
952 B
2 rfihub.com
p.rfihub.com
1 KB
2 sportradarserving.com
a.sportradarserving.com
966 B
2 linkedin.com
px.ads.linkedin.com
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
89 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 2019
603 B
2 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 7983
691 B
2 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 404064
146 KB
2 enquetebbb.com.br
www.app.bigonline.top.enquetebbb.com.br
16 KB
1 primis.tech
live.primis.tech
556 B
1 yahoo.net
hb.yahoo.net
650 B
1 adentifi.com
rtb.adentifi.com
285 B
1 simpli.fi
um.simpli.fi
658 B
1 antigena.com
us01.z.antigena.com
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 opera.com
t.adx.opera.com
552 B
1 stackadapt.com
sync.srv.stackadapt.com
1 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com
346 B
1 quantserve.com
cms.quantserve.com
591 B
1 deepintent.com
match.deepintent.com
338 B
1 cpmstar.com
server.cpmstar.com
608 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
562 B
1 sonobi.com
sync.go.sonobi.com
721 B
1 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 3160
623 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 11414
420 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2641
936 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 7777
463 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 8834
551 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2809
173 B
1 navegg.com
id.navegg.com — Cisco Umbrella Rank: 413337
303 B
0 loopme.me Failed
csync.loopme.me Failed
0 smartadserver.com Failed
rtb-csync.smartadserver.com Failed
372 76
Domain Requested by
109 cdn6.votarenquete.com.br www.app.bigonline.top.enquetebbb.com.br
cdn6.votarenquete.com.br
25 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
eb2.3lift.com
19 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
www.googletagmanager.com
18 contextual.media.net 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
contextual.media.net
tags.premiumads.com.br
ads.pubmatic.com
15 www.google.com www.app.bigonline.top.enquetebbb.com.br
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
14 simage2.pubmatic.com 2 redirects ads.pubmatic.com
13 pixel.rubiconproject.com 8 redirects
13 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
11 eb2.3lift.com 2 redirects tags.premiumads.com.br
eb2.3lift.com
ads.pubmatic.com
11 pagead2.googlesyndication.com www.app.bigonline.top.enquetebbb.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
9 securepubads.g.doubleclick.net www.app.bigonline.top.enquetebbb.com.br
securepubads.g.doubleclick.net
tags.premiumads.com.br
www.googletagservices.com
8 token.rubiconproject.com 6 redirects eus.rubiconproject.com
8 x.bidswitch.net 8 redirects
7 image2.pubmatic.com ads.pubmatic.com
7 dts.clnmde.com pxlclnmdecom-a.akamaihd.net
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
7 ib.adnxs.com 2 redirects tags.premiumads.com.br
acdn.adnxs.com
eb2.3lift.com
6 s.amazon-adsystem.com 3 redirects ads.pubmatic.com
6 match.adsrvr.org 6 redirects
6 analytics.google.com www.googletagmanager.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.app.bigonline.top.enquetebbb.com.br
5 fonts.gstatic.com fonts.googleapis.com
4 pixel.tapad.com 2 redirects ads.pubmatic.com
4 eus.rubiconproject.com tags.premiumads.com.br
eus.rubiconproject.com
contextual.media.net
4 ups.analytics.yahoo.com 3 redirects
4 pm.w55c.net 4 redirects
4 b1sync.zemanta.com 4 redirects
4 dis.criteo.com 3 redirects googleads.g.doubleclick.net
4 www.googletagmanager.com www.app.bigonline.top.enquetebbb.com.br
www.googletagmanager.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 sync.1rx.io 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 rtb.mfadsrvr.com 3 redirects
3 lg3.media.net 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
contextual.media.net
3 hblg.media.net www.app.bigonline.top.enquetebbb.com.br
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
3 gum.criteo.com 1 redirects static.criteo.net
tags.premiumads.com.br
contextual.media.net
3 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
3 fonts.googleapis.com cdn6.votarenquete.com.br
googleads.g.doubleclick.net
2 ce.lijit.com 1 redirects
2 capi.connatix.com 1 redirects
2 match.prod.bidr.io 2 redirects
2 c1.adform.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 ad.turn.com 2 redirects
2 us-u.openx.net 2 redirects
2 ads.pubmatic.com contextual.media.net
ads.pubmatic.com
2 p.rfihub.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 tag.navdmp.com tags.premiumads.com.br
tag.navdmp.com
2 cs.media.net contextual.media.net
2 rtb.openx.net 2 redirects
2 pxlclnmdecom-a.akamaihd.net contextual.media.net
pxlclnmdecom-a.akamaihd.net
2 static.criteo.net tags.premiumads.com.br
static.criteo.net
2 connect.facebook.net www.app.bigonline.top.enquetebbb.com.br
connect.facebook.net
2 www.googleadservices.com
2 sync.teads.tv 1 redirects
2 bidder.criteo.com tags.premiumads.com.br
2 prebid.media.net tags.premiumads.com.br
2 tlx.3lift.com tags.premiumads.com.br
2 bs.yandex.ru tags.premiumads.com.br
2 fastlane.rubiconproject.com tags.premiumads.com.br
2 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 tags.premiumads.com.br www.app.bigonline.top.enquetebbb.com.br
tags.premiumads.com.br
2 cdn.onesignal.com www.app.bigonline.top.enquetebbb.com.br
cdn.onesignal.com
2 www.app.bigonline.top.enquetebbb.com.br www.app.bigonline.top.enquetebbb.com.br
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 hb.yahoo.net
1 rtb.adentifi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 um.simpli.fi 1 redirects
1 us01.z.antigena.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 cms.quantserve.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 server.cpmstar.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 acdn.adnxs.com tags.premiumads.com.br
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 usr.navdmp.com tag.navdmp.com
1 dts6.clnmde.com 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
1 cc.adingo.jp 1 redirects
1 s.tribalfusion.com 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects ads.pubmatic.com
1 warp.media.net 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
1 qsearch-a.akamaihd.net www.app.bigonline.top.enquetebbb.com.br
1 mug.criteo.com
1 analytics.pangle-ads.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 tr.blismedia.com googleads.g.doubleclick.net
1 id.navegg.com tags.premiumads.com.br
1 onesignal.com cdn.onesignal.com
1 www.gstatic.com googleads.g.doubleclick.net
0 csync.loopme.me Failed ads.pubmatic.com
0 rtb-csync.smartadserver.com Failed ads.pubmatic.com
372 114
Subject Issuer Validity Valid
*.enquetebbb.com.br
*.enquetebbb.com.br		 2018-05-22 -
2019-05-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.votarenquete.com.br
Amazon RSA 2048 M01		 2023-01-24 -
2024-02-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-12-02 -
2024-03-01		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
dts.clnmde.com
GTS CA 1D4		 2023-12-28 -
2024-03-27		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh

This page contains 46 frames:

Primary Page: https://www.app.bigonline.top.enquetebbb.com.br/
Frame ID: 4E7EBB6AEAC80F68603C917075D17AFB
Requests: 199 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 44A36F844A96EFAD27A95D64783E2478
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&adk=1812271804&adf=3025194257&lmt=1704208213&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208213325&bpp=4&bdt=143&idt=557&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7012497238303&frm=20&pv=2&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=629
Frame ID: 7D66999255E3258D18C805A3FA1F20AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Frame ID: 2FDEA20234112D26693A4F8656041560
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=288130833&pi=t.ma~as.2120920013&w=300&lmt=1704208214&format=300x250&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214299&bpp=20&bdt=1117&idt=20&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=28
Frame ID: B4A1A20B2735AF7878A93A2A5DA5EA0C
Requests: 1 HTTP requests in this frame

Frame: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2ACD266D2074E2A02EC34EAF931D7110
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=3548294649&pi=t.ma~as.1184555942&w=850&lmt=1704208214&rafmt=11&format=850x212&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214473&bpp=16&bdt=1291&idt=16&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=23
Frame ID: 2DA9F6C123DC3470AFFD8A68DD92D49E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704208214&format=300x250&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214522&bpp=2&bdt=1340&idt=2&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=7
Frame ID: 546C8135AC1049BF6C6218A4BEE91C1F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=928&slotname=9391698467&adk=3839019563&adf=3537906732&pi=t.ma~as.9391698467&w=270&cr_col=1&cr_row=13&fwrn=2&lmt=1704208214&rafmt=9&format=270x928&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214544&bpp=1&bdt=1361&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=13
Frame ID: EDF37D28D9CBDD5E29BD6A2224B3D3D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=316346021&pi=t.ma~as.1184555942&w=850&lmt=1704208214&rafmt=11&format=850x212&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214517&bpp=4&bdt=1335&idt=4&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250%2C270x928&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=281
Frame ID: EDB221D4771E5556F010CE3FE8454E6E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9XCLdBwHFqALewJqbX8kE31wr7wQuver4GZc5pPig-nN_JxBDNvID68yr99KepWdr1cTekqW6d1c6wp1LyYMmwLjjmw3wJl5fi1I1dUpLqCmSSpyGi6p_knMAtoBcpFee4hCzWD-8H2ZtyEOa4cXGBwlSPAQdUrtXj0HsUOZzoLV7IEFbqLcReU3SrfV5BrVl3bqeSvRatHReFJ4ueFi3GjW-24sMR8I0OFVJG3DEoXWp4CS_uw998LHTed5TwQbS34Fzjeafv1ijH1i6Fo02Rat_v6EKknGo2UP_qp6QQnnLhgPl3rLPznQcOCyt3NwpN_jE16gjwA6dn5kWVr6822CpkDVeZc4wOO2cUXuGywhbba08EZuh9I7ormWmYwju2jTonzry86HA9nyt0W4&sai=AMfl-YRNNrPlqXPoOHfpH5E2LSPKW9oPxahXGrVnmNzjsO9GLIC4QpYvAOHwK4v2LZ6npHSfnYjR15FmhGak0rDvaXgJ3syQ8aym8JWK_AFOvpmgHOnUA1badQ_krC4P1A&sig=Cg0ArKJSzHWSLzoPUW8aEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 988C20A65AFEF1D4505EB4E051009690
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DC449C3B56316B1A42B71C6EBE71EF2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 143129F4097569CDF67AEFBDECF76AC5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B45CA1BE35EE05B9FBA0125526FD3A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16018382AC7C1E2FDB377AA4AD00286C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.app.bigonline.top.enquetebbb.com.br
Frame ID: 550E4F3F38ED17A51B224052381CA815
Requests: 2 HTTP requests in this frame

Frame: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 85102F82282B290F4179951D12F09791
Requests: 25 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
Frame ID: E48C446E060D25305FAD76C7451B552D
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 1C761E9CAA02BBB6253C900818204FB4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 68652C0B5AED0AF70A11E91042513435
Requests: 9 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: 3F537F7E58539B97A9A4D9739A09F5F9
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: FC22D541B45DD36D71D0F9B39BCEB578
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6FB63B8CB3C648CDB0B29203607F67CE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CCB437BF92F131628908A98F099CC9FD
Requests: 19 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: F298B458F189B57622B9F7196FCCC8ED
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 1614DA48B899FAD25BC50A1436D12E78
Requests: 4 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=rkt&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=978758894682368887
Frame ID: 51FD8443C05A0B727DC83784C3A62311
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Frame ID: 3F3F3BF1678E0E3F3BCF62629A7D4CF6
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 9652DCB42E25CBD27BD6E55BAAFFB5FE
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A49B220A67699DA0BDA38A17CE0DFB90
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partneruserid=AAG8307LKE8AABNCGP5LBw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0
Frame ID: 1F6206ACEA37A6FCB366E8758B6B95B8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6332561323996420897&gdpr=0&gdpr_consent=
Frame ID: 452C0803ABEFF076ADDC434C03F5D293
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZQnXgALbPhVDwAM
Frame ID: CB967A96B68E8F39FB76B64D8E75E616
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=0c7a8128-a981-11ee-b025-3aa31ae7699e
Frame ID: A657D1C70FC7E3A071296AC320FDF35A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eo9omX6NZMhhiTTIftt8nXSPZMth2GWefo_OOAyS
Frame ID: AB4CE50FEB486399FFBB92FB0231B768
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: A3EB64EDC3876D15A49C2FB1B876F006
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dISjD0srWlVGuKnQKPQfawW16oQ&gdpr=0&gdpr_consent=
Frame ID: 141F5D39F6E45C2B93FA9E2C558559CE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I9tIXYa11RkGpl5&gdpr=0&gdpr_consent=
Frame ID: DF24849DA3593D2CF128F4E19BD38D6B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062845345747366
Frame ID: BB0E75EE00D88E6E3B54480B1CAB4BB5
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=35E1EA24-50D0-4671-87F2-3C38672EF919
Frame ID: 284C85AE1FDF257F21116ACCF2216240
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 593FA2B56CAF269349205E4C6B6DB096
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 81A3A2554E826053D21B77C0911D732D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa2c4f5affb9542f5a5edfa8e79a3daf5
Frame ID: 2D54993556CBEA9CDE416FC98F00FE50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871933295840
Frame ID: FAE6F2CFF6D6E1F08BDBA9CE7D704599
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 3559B2E3740AB69736142A9C33680374
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=pba&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=35E1EA24-50D0-4671-87F2-3C38672EF919
Frame ID: 3AD2B5F154A00018BF07B9CE3D292353
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Enquete BBB - Votar BBB 23

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

372
Requests

80 %
HTTPS

26 %
IPv6

76
Domains

114
Subdomains

67
IPs

2
Countries

3760 kB
Transfer

7629 kB
Size

50
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 202
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEN5-lD9LMbAsqEPi5gYLi-Q&google_cver=1&google_push=AXcoOmRfK3_b3AgfmXq107P1Jm9aUv7FaYgn6VEMQLSk9cSsc0L4UB7Ejk8c4IhdoCsqrbWdKc9ioElX42lH5nbplFWoz7_VSdo77FM HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qZQvkVZyQ4wBddhkhWtLKQ&google_push=AXcoOmRfK3_b3AgfmXq107P1Jm9aUv7FaYgn6VEMQLSk9cSsc0L4UB7Ejk8c4IhdoCsqrbWdKc9ioElX42lH5nbplFWoz7_VSdo77FM
Request Chain 203
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESENvy83m9hhER0nv04uogoqM&google_cver=1&google_push=AXcoOmSSsWlLq9U7Gbfz9Pr_4bAV1jYS3cywMa-pNNXq03iVZxchMPvqqv5FwIUySplkuecH1QWZUhObQTIDn88pRvu19CpXGza-kDjo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Y2Q0MGJjNDMtYTU5Yi00M2EwLWFhNjgtYzJjY2ZlYzkxNWE2&google_gid=CAESENvy83m9hhER0nv04uogoqM&google_cver=1&google_push=AXcoOmSSsWlLq9U7Gbfz9Pr_4bAV1jYS3cywMa-pNNXq03iVZxchMPvqqv5FwIUySplkuecH1QWZUhObQTIDn88pRvu19CpXGza-kDjo
Request Chain 205
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF5-67gz14pQA1O0Abxs6nU&google_cver=1&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6wfdXvym6bh400uXaCAq HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEF5-67gz14pQA1O0Abxs6nU&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6wfdXvym6bh400uXaCAq&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6wfdXvym6bh400uXaCAq&google_hm=cUpJb19MNnVvUVk5OG5VazFzS2I=
Request Chain 206
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK0JN6qbgdQ7_pdQFV-1bRU&google_cver=1&google_push=AXcoOmSxrHUtMPE3NcNMwgA5gs8j8jhsB0LWLfX_d0cicLEpkWCJQj1Pr7fIRE2Ns6yog0jJBtQA90fKcTmSDYelqmcmRSFc9tqQiIEu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MDI4MWVhNmMtMmI3NS00MDk5LTlkNmMtYTFhN2ViMWMwZTBm&google_push=AXcoOmSxrHUtMPE3NcNMwgA5gs8j8jhsB0LWLfX_d0cicLEpkWCJQj1Pr7fIRE2Ns6yog0jJBtQA90fKcTmSDYelqmcmRSFc9tqQiIEu HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 207
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEO7Y1tqLTHejoAdotbzcA7k&google_cver=1&google_push=AXcoOmR6N4iGWjR1JpwqkZnmy4jYPN9MHw4kmUQFkTM76i3e29FnJQdvdIFcE_zI-xrrQVrHCY_c2tEHfM9FWo24edq8dXetQ1x5DNJVWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6N4iGWjR1JpwqkZnmy4jYPN9MHw4kmUQFkTM76i3e29FnJQdvdIFcE_zI-xrrQVrHCY_c2tEHfM9FWo24edq8dXetQ1x5DNJVWw
Request Chain 211
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cs_24VieUZanKEqSpoPMPpu6pkAn_pefUWorvzrXuCvjohsCRGRABIOemhGNgycapi8Ck2A-gAdCez_4DyAEJqQKDw1EVf3ayPqgDAcgDywSqBP0BT9AYFKzoHDoq3lIDDsUV3UPuJtLcmIdV_jUAvM_WhFalV9lGnFXgVANJkNh2p0lTYo1j27oCllvCX4GzdopTIbbcvbXqQVBgMQc_p6x0Cpt4Myoyoy1wn7-9OpUQ88-aN_dvwCgNoB6xSzmVwk2io7vI0q6w6N98SNasZJBYQfKwSqAesqvBbFfsXK93Tj_fz2DIqlQxdA23IUzPL0SxWHz3JY_n3Cuufixtt_gi9Epz365Ehw6cnYyc0HOARPsQvz1WLqp9B_yptjbkoTzXk49uCaCU4HW1jqz_kuU11f8DjZJY90UWj5Tt-UFS9yE41HFxDOPBZKc0C96tZcAEienZlcwCiAWYn_ThH5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeY4bABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQrssH0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj5rfKp_r6DA5oJGWh0dHBzOi8vbG9jYWxvZmZpY2UyNC5ubC-ACgHICwGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAtoMEQoLEMDwyqyTwZK5wQESAgED2BMNiBQC0BUBgBcBshccChoIABIUcHViLTYzMzAwMTgwNjkxOTU4MzkYAA&sigh=89SJpxRqoY4&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_LnWF2K8BhinzIL1cjFkBOPhY0Gnz9sytepmyOW9r8UzXtDXB2Un3i06eHcqBjo6Uk7qqjAT_PRgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x69001c92f8b62720000000000000000%22,%222%22:%220x9d8bd323d81e44360000000000000000%22,%223%22:%220x88395e689bcafc820000000000000000%22,%224%22:%220xcd0f04a78c3c611c0000000000000000%22,%225%22:%220xd54ded041d0bb16d0000000000000000%22},%22debug_key%22:%225010685143751368907%22,%22debug_reporting%22:true,%22destination%22:%22https://localoffice24.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070845776%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22225291056484623361%22}&andc=true
Request Chain 237
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=enquetebbb.com.br&sn=ChromeSyncframe&so=0&topUrl=www.app.bigonline.top.enquetebbb.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=U5OPsnxNSkdTL0pEMEg2RG5PdEpWUGNDWVUyUnpwajJxTXdsZXY4SDh2a2ZzTVQzbnBRMXY0TWc3MjAyQ3h3cmN2VG9zSnNZNVREWk1lNFdsc2ZtYjZORjh2WEZ4S1Z3RXQ3ODc1MUNibW5BcFVQUSt4TW93bXl3aHlWOHB3b1R6cHAwRDk0aUEyeGxnQ3FGYjkvUS9nOGlaTEQvcVd1eldvVXp1NXhWb2tmZVdwWTQvOWxJZ1YxY0h4Smo4YXkrUVFqV0dDbjljb0t2Y3BLMGVVWG9CUHV3d2pETHBBMlRoM0dJQTJBQ1hUSHdVSzBMaEdxUUlxOGZHSnZ1MkVPa2ZJN1BabUxYVDl0QzZ2WGNZQkZ5U0hWMWtMK2ZxdnVHbW1Zc2hVbTRRNXFudzI5UT18&cppv=2
Request Chain 257
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&google_cver=1&google_push=AXcoOmQxqowQ2ZMhqt115DpjymZEnXlI_VsWGXn7OykIjKHnWVuMHrQXpDOk0XvcQ_vaRaoq0-GSJhQ47t_KvurTzlJyqxet9W4 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&google_cver=1&google_push=AXcoOmQxqowQ2ZMhqt115DpjymZEnXlI_VsWGXn7OykIjKHnWVuMHrQXpDOk0XvcQ_vaRaoq0-GSJhQ47t_KvurTzlJyqxet9W4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=STl0SVhZYTExUmtHcGw1&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&google_cver=1&google_push=AXcoOmQxqowQ2ZMhqt115DpjymZEnXlI_VsWGXn7OykIjKHnWVuMHrQXpDOk0XvcQ_vaRaoq0-GSJhQ47t_KvurTzlJyqxet9W4
Request Chain 258
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENtgT5E0uCOi8YQzhcSFh_0&google_cver=1&google_push=AXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtgT5E0uCOi8YQzhcSFh_0&google_cver=1&google_push=AXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 259
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOd_8AjU_E_yQmpeDL4uuvA&google_cver=1&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So HTTP 302
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEOd_8AjU_E_yQmpeDL4uuvA&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So&google_hm=hnRcSP5swRAZcsVyWjNfxg==
Request Chain 260
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF5-67gz14pQA1O0Abxs6nU&google_cver=1&google_push=AXcoOmSxLbmygm1XJBVkikwFyIzXilvgBq6aU8y4FgUygFvfkU-4N7atscx-GG9TfyQ7o2q1HQ2t50j0znCGBmJ6KWfc4FfY9lg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSxLbmygm1XJBVkikwFyIzXilvgBq6aU8y4FgUygFvfkU-4N7atscx-GG9TfyQ7o2q1HQ2t50j0znCGBmJ6KWfc4FfY9lg&google_hm=cUpJb19MNnVvUVk5OG5VazFzS2I=
Request Chain 261
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEFuloszeI2YnhAMmM46GyHk&google_cver=1&google_push=AXcoOmTXwb7dlUx60pMAlT2lKjUQvxmz3hUxuOUG2BP9gkHUBZcUBB8pbBHB9qQNwiGEsS1jjAIfcLWikBq4ianUJLNn4PfHc4yM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmTXwb7dlUx60pMAlT2lKjUQvxmz3hUxuOUG2BP9gkHUBZcUBB8pbBHB9qQNwiGEsS1jjAIfcLWikBq4ianUJLNn4PfHc4yM&google_hm=686c4656f8f7e8ac286054e44f681ef4
Request Chain 262
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAf51NUp46jIFjrh4f5ad9k&google_cver=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1Rd6z8ULKg1UAKBCYxFMUKRwSwlGucBWL-AeLKoid-Z3w_JO HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAf51NUp46jIFjrh4f5ad9k&google_cver=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1Rd6z8ULKg1UAKBCYxFMUKRwSwlGucBWL-AeLKoid-Z3w_JO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=LtsqzItuRyG5oq3SvH3OKQ==&no_redirect=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1Rd6z8ULKg1UAKBCYxFMUKRwSwlGucBWL-AeLKoid-Z3w_JO
Request Chain 263
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAxGYbETuObl7-mQ1tOdaAQ&google_cver=1&google_push=AXcoOmQtD3UhxpBJThbIK7GkSSajPSgGFrvwC21n13BYMA-ipPricnMznPv3qNLon3wBJmILj9nOPxQ-SWbMSsBnOLZN8Jq82jL2 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAxGYbETuObl7-mQ1tOdaAQ&google_cver=1&google_push=AXcoOmQtD3UhxpBJThbIK7GkSSajPSgGFrvwC21n13BYMA-ipPricnMznPv3qNLon3wBJmILj9nOPxQ-SWbMSsBnOLZN8Jq82jL2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=93bfb436-344b-4360-95ad-06e591cc36fa&%%GOOGLE_PUSH_PAIR%%
Request Chain 271
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MjA5ODE5MDgxMzIyOTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENxkVdxal073RXHB9El1Avo&google_cver=1
Request Chain 284
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85518036300 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=85518036300&google_gid=CAESEBBjlHL3mMgcSWsGvEEiMnY&google_cver=1
Request Chain 285
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=67366594-275c-4500-817e-47d30d29f553
Request Chain 286
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 297
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4d7ab853-5158-4b62-987f-d38cb76dc1f6&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 298
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIwMjg5NTIyOTQ5MDAxNTgwODAyMA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIAGovYdsXXaLUqWB_br8yQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 300
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIwMjg5NTIyOTQ5MDAxNTgwODAyMA%3D%3D
Request Chain 302
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2202895229490015808020?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-3yPWqKxE2oRqmqZ30aysPaRrll9BO08hT5s.tt9JAQ--~A&dongle=0883
Request Chain 303
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2202895229490015808020&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ff4e1e93-9c9c-49e8-81f6-f7e440d5b1be&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=93bfb436-344b-4360-95ad-06e591cc36fa&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 304
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=69aff782-32d0-43f9-95df-a79b64081b6b&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 305
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6332561323996420897&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 309
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 310
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Drkt%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=rkt&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=978758894682368887
Request Chain 312
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=son&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=son&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=1d65d899-d350-4b66-b9e5-2c328cdf37bf
Request Chain 313
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dopx%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dopx%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=opx&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=20c252a1-c4ea-008e-3701-846c2a60d4a1
Request Chain 314
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dr1%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dr1%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D&cb=1704208221611 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6355620383 HTTP 302
  • https://sync.1rx.io/usersync/turn/3816208842254621055?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4fdc1d16-84e6-4521-8c38-c4e3c9f4d635-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dr1%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DRX-4fdc1d16-84e6-4521-8c38-c4e3c9f4d635-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=r1&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=RX-4fdc1d16-84e6-4521-8c38-c4e3c9f4d635-005
Request Chain 315
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=dxu&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=I9tIXYa11RkGpl5
Request Chain 316
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=69aff782-32d0-43f9-95df-a79b64081b6b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 317
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dmedianet%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=KcnOq21T7oqh8t7QKVrK0 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 318
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=qJIo_L6uoQY98nUk1sKb
Request Chain 319
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3472098190813231000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=2edb2acc-8b6e-4721-b9a2-add2bc7dce29&cs=1
Request Chain 320
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=4d7ab853-5158-4b62-987f-d38cb76dc1f6
Request Chain 325
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 327
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMk1rN0xLRThBQUJhQnVBSUd0dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAG8307LKE8AABNCGP5LBw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAG8307LKE8AABNCGP5LBw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAG8307LKE8AABNCGP5LBw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0F51F0D8D7A04E5A9956C24A7C9B8FD0%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526gdpr%253D0%2526bee_sync_partners%253Dsas%25252Cpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D3%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0F51F0D8D7A04E5A9956C24A7C9B8FD0%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F%252Fmatch.prod.bidr.io%252Fcookie-sync%253Fgdpr%253D0%2526gdpr%253D0%2526bee_sync_partners%253Dsas%25252Cpm%2526bee_sync_current_partner%253Dsyn%2526bee_sync_initiator%253Dadx%2526bee_sync_hop_count%253D3%26uid%3D&s=191740&C=1 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&nuid=0F51F0D8D7A04E5A9956C24A7C9B8FD0&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&uid=ZZQnXllbmqYpQkjxQ1CzmQAA%26486 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG8307LKE8AABNCGP5LBw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0
Request Chain 328
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6332561323996420897&gdpr=0&gdpr_consent=
Request Chain 329
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZQnXgALbPhVDwAM
Request Chain 330
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=0c7a8128-a981-11ee-b025-3aa31ae7699e
Request Chain 331
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eo9omX6NZMhhiTTIftt8nXSPZMth2GWefo_OOAyS
Request Chain 332
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_74a2899f-faff-4b16-8443-c37c471059fa&bsw_param=93bfb436-344b-4360-95ad-06e591cc36fa&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 333
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dISjD0srWlVGuKnQKPQfawW16oQ&gdpr=0&gdpr_consent=
Request Chain 334
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I9tIXYa11RkGpl5&gdpr=0&gdpr_consent=
Request Chain 335
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062845345747366
Request Chain 336
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=1f2cbe04-e350-4a1b-bfe3-e8bf6e1bd91a&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=35E1EA24-50D0-4671-87F2-3C38672EF919
Request Chain 338
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 339
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa2c4f5affb9542f5a5edfa8e79a3daf5
Request Chain 340
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871933295840
Request Chain 343
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NeHqJFDQRnGH8jw4Zy75GQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 344
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=35E1EA24-50D0-4671-87F2-3C38672EF919 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=35E1EA24-50D0-4671-87F2-3C38672EF919 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=db5ba070-3deb-4b92-b31a-f5682e9566ca%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d7ab853-5158-4b62-987f-d38cb76dc1f6&ttd_puid=db5ba070-3deb-4b92-b31a-f5682e9566ca%2C%2C
Request Chain 347
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzVFMUVBMjQtNTBEMC00NjcxLTg3RjItM0MzODY3MkVGOTE5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECC1rpmclmVZp-RAejYm9qA&google_cver=1
Request Chain 349
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:567BC08123CD485C8973D889F7E7AB94
Request Chain 350
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-STZHgNNE2uV9yKUz.YvLNi1z2WLNtC0-~A&gdpr=0
Request Chain 353
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bd847c17-7e2d-48e8-9b18-025969320754&gdpr=0&gdpr_consent=
Request Chain 354
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=64cf5b5e059410b7&is_secure=true&networkId=17100&version=1&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGnZrV6UcdHQNGH7rUAAAAAAA&expiration=1704294622&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 355
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10EA9CF04_36ED3793&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 357
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4032381624368404863&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 358
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=12530211-b7d9-41fc-ac8b-877bd98f51b4-6594275e-5553&gdpr=0&gdpr_consent=
Request Chain 359
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1715222514944240407
Request Chain 360
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LQWHKIXZ-1S-K9UW HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWHKIXZ-1S-K9UW
Request Chain 361
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJiOGQ0NzU4MTA1YWE1ZWE1OWM3OGM0M2M2ZDVkZGExODc3MjAxZg
Request Chain 362
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=&expires=30
Request Chain 363
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5y1yfIRFBqUjFq9OgU_t4cn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YMNXvq1E2oLRDWUf3BqmMoxOyoy8VzR0u7kTiQ--~A
Request Chain 364
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M8R9yD6OQrinKUWezOni9g&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M8R9yD6OQrinKUWezOni9g
Request Chain 365
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iaykGq6hQzWQtoXf1aOg0Q&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iaykGq6hQzWQtoXf1aOg0Q
Request Chain 366
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHk9GIz6w9VbtQg-n1Gnq1I&google_cver=1
Request Chain 367
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFXSEtJWFotMVMtSzlVVw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF-zZ41QIkSVXn5DKmkvsHU&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXSEtJWFotMVMtSzlVVw==&google_push=
Request Chain 368
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQWHKIXZ-1S-K9UW&ex=d-rubiconproject.com&status=ok
Request Chain 369
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWHKIXZ-1S-K9UW
Request Chain 370
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG8307LKE8AABNCGP5LBw&expires=30
Request Chain 371
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61b749d6-64df-4351-a127-8c44ff4dcb8e&expires=30
Request Chain 372
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQWHKIXZ-1S-K9UW&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQWHKIXZ-1S-K9UW&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1URFcwVXN4RTJ1SHYwZnhZZTMwbFJ6dkNQR2s1Y2NYNX5B&ovsid=LQWHKIXZ-1S-K9UW&dpid=58160
Request Chain 373
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQWHKIXZ-1S-K9UW&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQWHKIXZ-1S-K9UW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 374
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQWHKIXZ-1S-K9UW HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQWHKIXZ-1S-K9UW&dnr=1
Request Chain 375
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQWHKIXZ-1S-K9UW HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWHKIXZ-1S-K9UW HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWHKIXZ-1S-K9UW&ckls=true&ci=T8c6bYP4Ni&nc=false&trid=-2114266178
Request Chain 376
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWHKIXZ-1S-K9UW

372 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.app.bigonline.top.enquetebbb.com.br/ 		88 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.224.10 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host04.mezzor.com.br
Software
Apache /
Resource Hash
b9585022f7134cf14cb8be94fdf0c1229322e0d0e5b497dc1d43156203150a6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
11985
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 15:10:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-ua-compatible
IE=edge
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6330018069195839
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39e3ef73ff0b59272612c80d063080bcbf58779356cc481a831e1c7117ecabb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Origin
https://www.app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51306
x-xss-protection
0
server
cafe
etag
781087827242942016
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:10:13 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c3ad591c818cf9f05c1fe47f4184f4f82b017100848a33afdd640b2b8b6f9e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68972
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 15:10:13 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5bdcf678abb8a73759456ff6fb7dabb881747700dc5232ab3a1ea86821fc5219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29084
x-xss-protection
0
server
cafe
etag
679 / 19724 / 31080057 / config-hash: 12947993814115561758
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:10:13 GMT
bootstrap.min.css
cdn6.votarenquete.com.br/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/bootstrap.min.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
d9a2b1472c2611f0f39e2965d7faee82d99717c347f5c7e52aa9c5f27e0174d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
7645922
x-cache
Hit from cloudfront
content-length
20131
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc0wHWBTe7Ua%2FqXN7Fr6YqZ%2Fa8YFocxttPE5mE6QbswL2%2FlXsE5L3%2FGJBa2XzlESgqWc4AWQKEy7eubWL%2FHcfHVHUtD537wFkoJFKvwjB%2FybFl2%2FeLrveE4C79BAMpHqMsIavyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac172ba543944-IAD
x-amz-cf-id
572h3TiRnYyLYvDbgiCWIzMcu8h7RzH_vY63cXN0rMhcO_YwRsR3cg==
expires
Sat, 05 Oct 2024 03:18:11 GMT
font-awesome.min.css
cdn6.votarenquete.com.br/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/font-awesome.min.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4879889
x-cache
Hit from cloudfront
content-length
6243
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz1wVYSKgKo5FKXlk%2FM%2BbCs2%2Flcr7Kgk2abHp%2F0zcmMpAcHRF0YfKUhKjXutMHnaqd2TS1epyeBELhyCQvZvMDEE4Cj3ToFVm4pVhZ2gBNJlDZlpD422znpU8dVuZBSsX2F03vA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82228b8cadf982ab-IAD
x-amz-cf-id
EKJA_ILpKGKe-WS5IXVKjdGe2WdlBFRau42tvZ3E7jZPUaWng1hPyA==
expires
Wed, 06 Nov 2024 03:38:44 GMT
swiper.min.css
cdn6.votarenquete.com.br/vendors/swipper/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/swipper/swiper.min.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4265138
x-cache
Hit from cloudfront
content-length
2868
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YER440r53iL0jNsZsKV4Vq03baTXw154YEqw7vDXYCk9yQF6Z5YSwo8xD5JRvKd1Mnewp6ZPQzQztyDlCNNAaESIVEfVhkK4Vo%2B3tjh1rpQQWvWc%2BGxesFyQYdpFxOeCTYgOE4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
825d2c206a8d241d-IAD
x-amz-cf-id
ySVD9_LmdEsJmaCL2M3fi2dI5qpWTbNpsvmBsypqcAqdJzsy_5tRow==
expires
Wed, 13 Nov 2024 06:24:35 GMT
linearicons.css
cdn6.votarenquete.com.br/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/linearicons.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
d0c2360a26fd57ed8e7537ec6a2cb580ddc4701192d80a772420f12014f6f178
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4879889
x-cache
Hit from cloudfront
content-length
1623
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfJRv6dmZdcxLVwCxEGAsSfHYEyUezUtZt6th9otJWOgmPIhO93ZQMqsSQu%2BACt3Kh2oRj3iitPbJcJPpXNFipvEJwWjnh6a1k%2FEXfTJB8S54zNZF4PR%2FiOY4r91wTrU7kk3hPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82228b8c8f77f88d-IAD
x-amz-cf-id
IEE9sHguPI50abDRC9pdii_9Qgw8yYrqx9JDTp_uYAymwA2-XsAsKA==
expires
Wed, 06 Nov 2024 03:38:44 GMT
owl.carousel.min.css
cdn6.votarenquete.com.br/vendors/owl-carousel/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/owl-carousel/owl.carousel.min.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
c5987c529814bca758deb15c889113e35e87d0fc6fe4788202c326da2dc3559c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 00:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
5063636
x-cache
Hit from cloudfront
content-length
953
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAw2yYUAPvZ7jx971sVO7IqF0A7Tpt%2BPour5ech64LQxjRn8GZRTZ4QHbehSIGcVfYXhjUqbyqb1WWrR8953VJrA2K8QyPBRKLmDMRtOWueUM9QT81KybLTebhVeLp95FqVj4Kg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
821105881bef2d18-IAD
x-amz-cf-id
fgjtGFIRq-A71GiljEglQHtzAcwNH-1Za9CsvCNMb6RsR1fVDMCTuw==
expires
Mon, 04 Nov 2024 00:36:17 GMT
style.css
cdn6.votarenquete.com.br/css/ 		88 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/style.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
a31579de079ace0a7e4bec7f0c489c4a4ddc7e8afc2b9828bbb6896d455e6676
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4265137
x-cache
Hit from cloudfront
content-length
13850
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tylzlLRw8l8HZtk7d%2Fbr7B%2FJiq7%2F9iYCpNGbl%2B2DWETNGnw75MkYQUm26UzeTqwH37pzNlClokbDJdM8L%2BpEltell%2BR6VqgK3RPUwGVUy2WR9wOgmK1usGT7JjB5yw5S71Zxk%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
825d2c213ede8224-IAD
x-amz-cf-id
sNlLLg5uj45Ypd9qDt3ApK1BqEDG46JT4FW8W3UDs3ddOKMZlouLfA==
expires
Wed, 13 Nov 2024 06:24:36 GMT
responsive.css
cdn6.votarenquete.com.br/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/responsive.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
fc6f580810c33b1b5df1510b9d222429adb6d1f2ac5bf810a4c6ed7ead3cf061
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
5691865
x-cache
Hit from cloudfront
content-length
2701
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMQnw1fZvcNjwEAD6uzCzfHDxuWwNme%2BFqGcVKnFXYjVqdNyzqwnoEnfN0eDvs7hbmHpc5K6jf4TvX0C2AqvpAsRXlAwjSi29P6orWES3l3KAGsFQcaKNgC2YHvA9d3gMxmDl5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
81d51be76b143967-IAD
x-amz-cf-id
-NnT5EiJrPZSUC5MOw97yM7-QcBjcJqiTU7bzqIuhCEIl0DaI7RAfQ==
expires
Sun, 27 Oct 2024 18:05:48 GMT
smart-app-banner.css
cdn6.votarenquete.com.br/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/smart-app-banner.css
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
7645922
x-cache
Hit from cloudfront
content-length
1297
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSNmwu%2FNYRpyOvldNND3pscAU8aeNZ0XfKan7XydvR%2BpuAZRW6fnZy1Wz%2B5vmOiAonCBOmvVvY78z%2BjzyFiglC5Zh3qoXm7QTBb91jS4yFre59cuaeH6NU7bel3i6WF3tpt02tc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac172cd8a1ffd-IAD
x-amz-cf-id
5dsvnqQGyeXdiinCrHRN_sPFa9ib_EuPSFkAZnMymNOnMS24C0olcg==
expires
Sat, 05 Oct 2024 03:18:11 GMT
config.css
cdn6.votarenquete.com.br/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/config.css?v=5
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
d40285f61cf97c481d61f0ccbe1ae23b47ef63cca6822d90eb37f4922cd56f81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
7645922
x-cache
Hit from cloudfront
content-length
2795
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnPVsB7n0YBcW6Jlf6B2wPV1LjIeeqtcj1EXB0gwySW68OKtus%2FpfAb97VrVtRrGsumRk1hU3ohx7JjVrWK1VAi4dkiLTf19UgRrGcSDUYRjPjepexBNFs7u859tUWnTizpAWbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac1732c7220b1-IAD
x-amz-cf-id
QwAFG_5m1ZzaN6HkJ6hgfUHyKSjCtQC2WNPvrSKlp9k5mzrN2yMh5A==
expires
Sat, 05 Oct 2024 03:18:11 GMT
jquery-3.2.1.min.js
cdn6.votarenquete.com.br/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/jquery-3.2.1.min.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4837997
x-cache
Hit from cloudfront
content-length
30138
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5lkonuIdMMa1JNHlLzjyqUMoMpRcRJDJpfQdy3NH3Yce1JgLDztIZ5X8e6dCAUMVifA4B38caC90xbwTDM3yBBc%2F2hKrjaConNUBJ00q7kmM0%2B4DhJsmNeN38Q5RmD6eWgYxXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4c6869094d-IAD
x-amz-cf-id
3hfiGR6Cn8cHumtV8WKBh4GuxG-Hi9TrSXBsrCuc1zpIBEG3-XMJNQ==
expires
Wed, 06 Nov 2024 15:16:56 GMT
new-logo4.png
cdn6.votarenquete.com.br/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image/new-logo4.png
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
fda9ef9d3fda898fc315283504eb0aeb8ada64df1bda7e2e11165f28f59c1fb6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 03:35:33 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4742692
x-cache
Hit from cloudfront
content-length
3613
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjNNtlrXFYY1D0CMr2pBXd5u7X1W%2BnIOPO3OOpkSgsxyk4wRO%2BW7roZDdnajmYCMZ6obMbwOrPzOhK%2FSObZU5WS8OmKVyXF67Ru3yT6AMBSFqicNMFoJ7IuLiR4ofZX5uelxmyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823301a2db3405fb-IAD
x-amz-cf-id
o8WAQsWexyDOd0WvubUD0lqEsV5-mKpM6bGfx2YBquY8p5vLYia3Yw==
expires
Fri, 08 Dec 2023 17:45:21 GMT
new-logo2.png
cdn6.votarenquete.com.br/image/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image/new-logo2.png
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
e714c04bd8303c2cb34fb0e9004d63bb2b3def0e8d69995808b7043dcd5792ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:52:42 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4727851
x-cache
Hit from cloudfront
content-length
6370
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciV8lsGhNGwtGGXiy0fNKUAQ3MmbrrixlIwh6O%2BLvWqqqi1z3QfIDqXE9vxNFqXJg%2BUJbKFL3WW%2F7SvXEuOjG8W0U9%2BA%2FoZSB59hxIhgoVib%2FW0U2xRnBPwhZa94aS0x3Nkheco%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82310b699de86ff7-IAD
x-amz-cf-id
OIfs8hRgla761LbjVq36L6sG_VnhCkUvYQqozaUcZEKuVpRQjYzZ4A==
expires
Fri, 08 Dec 2023 21:52:42 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/alicia-x-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
66459edfc739be4f517ce02992bde40cdc3fa3e93a5496d36c12a128c4e76e1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWXkmM8qZ2PxgZbk5IBuQPR4kfNTyCb0fWMHRkjizawlcLUxD7C4RiVGrbyfgWjxMOWHZOiNmZ7AI%2BLbbSf4P4vBOOSMOZw42tTo7TMx9PfRqbsh0URyfriw75t%2B%2FRyjHp%2FO9qM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954fff2d4a28a8-IAD
x-amz-cf-id
ob7hgh79EadC3-py7F1Jmd7xk5443298IUqc1HybZt3dSG4Nut4ygg==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/andre-goncalves-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
32b0d2b1ef56d48131221c07e77ee1f9b15708a7e5c4f2c610114d51bca8c42f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 03:13:19 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2807814
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 01 Dec 2023 03:13:19 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItWcd1Z3jaJSErYUiMC3Vkz6IcuGP1Sl8wgSM1Sa3XZbLIXNWtb5t397AcmOAXlhhiBru9Mc3MVEDgx%2Fq2P372pJngYGkjYTFfpiyStvkLyHSqvl2MrXP8%2FOlHDY4Z8o%2Fv6m1IU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82e8274fff2312b8-IAD
x-amz-cf-id
KqrIBd4zagIRy3SaC3HD01Zznatydk2Wz38aNCygl7qvq7R6FnOEbg==
expires
Mon, 11 Dec 2023 03:13:19 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/cariucha-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
aaf10a29a6e9369fd99a81c3ff0bb8de76316a621a659bade750eb27a980d33e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BFQKXTWrjbiWtivzfUeqoFtG6LVpEV%2Bk2v04v9tmaYV1sW1qYPHV7oxxdprrEO6u7xMlmTySZMLh2UQkC%2Fy72r1ofUgmDJZxrDE%2FPX71knmE7MVPX86Vv73vigxPvChfx0F0rk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffeddfc1fe0-IAD
x-amz-cf-id
pGmSU8Mh0PDVqF8oxh-M7d48S0b1EoJtVTsXIZkirtejllz6bLpAGA==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/cezar-black-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
2e1808ad68a7f5f4999f152886b4963a9e640f59392f73360af73860cc6a71bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4xjnI3%2Frw4sHdiNRnpAaCX2cFn%2F9H%2BvgNR1Ib8Un%2FeaaTJHgJtJYOiJ9YLON9gTW7rn6P5IgURtO%2BmtHdwGlNJvlf8cc6C6HTlH5BY0Fprf6cmXhqLvVe0BZMbcYNsfBQvsxKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe691a3974-IAD
x-amz-cf-id
u0HuT-qnA2FypL03x19jiU0CYEAopTICRrXlFVxkz2wx9lATUn9OLQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/darlan-cunha-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
4f4149b0e07b9b44d0160db3863ddf0a1e998b7f7d581975d836436b4b4eca49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:36:07 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992046
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:36:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUnL7x9oheYc0ooPgTqByF1y76TWxtMnDvZ6%2BXHgNIsbcsQP8YYjdFN5BzEOUJt%2BkFt39IJGaSs0cj%2BLBbAJs%2Fib%2BPrMler4oUVL0XT8xCtJPJBXIqfvzBvcPsaunykG2p4ZHR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
839551978aa607cc-IAD
x-amz-cf-id
vyR8reJFFMhFr0h5SRBPXVBEajCkxwpptpk0x4cVoYlAKJGQOjpg9g==
expires
Mon, 01 Jan 2024 03:36:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/henrique-martins-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
5f15ce32c4d4615fd46480fa919b2bdd7ccfeeb07ddfa43a2bd61c2b1b5483fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMT5iCBh2P6clD7BbD3kYGwZzK8ISYAfVwF7NjtXZACGMBD7hoauKpKKtzxS1v%2F%2BeBC2ARHR5D3momwk6aKoaqGzFWnd%2BrHwhPKgCMq3DWPjnn%2BxNr05QL5AsKq3rpGPVRNMA0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffdfe1a9c7c-IAD
x-amz-cf-id
CGAJO7KAfXUwaXtBvHZyQJv2Nnz2SasVFOlL86vhi0ogc7uAYEM93A==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/jaquelline-grohalski-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
a70770556b3feb3c4a79ddfbb99768e58a262e5a2c744e922d65fc4612a04e61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 11:18:56 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5889077
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 26 Oct 2023 11:18:56 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJKpZX7%2FDsEjyRjRdH5atN%2FPFRSJ1shTaBj1kPGNC9J0KaL3t17cu5j%2FQ%2FF%2ByMLxyQMzFgQeDQZzID8iSJKVpPeMW7x%2BkRbg6%2BV85b7RvERf3vHCtFk3iO4aEWt2dM706umCjxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81c24d2b5f982d20-IAD
x-amz-cf-id
9utJVWJ99kcka_mtCFagcjWE4iuc6Ns-TcuIM7ArF9V51BBivhipQw==
expires
Sun, 05 Nov 2023 11:18:56 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/jenny-miranda-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
fe19a0337cbb7bd0b7a2bbc41cae76c2df3b9b1e8942589b6652bdbc3ff12db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAqTTzttxaUp4bBONUNjOLd3QUIlelsrIirbMRxl%2B1z3ik1tTaZuyrM8qMHnWAOVOUON7v0brdhTMDWfTf9IDpmBX3PIZLQ6Y5zyCK6iewZU2dWbOyyT3MYlscp%2BjkrUx0PvoYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe4c0a28a8-IAD
x-amz-cf-id
W8OXdJr-lvlUoPjFfFwqaGTQyeQrTm0H3oTMkPPDUYoypvTo5DI0zQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/kally-fonseca-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
9963f6e3cc68a9488f258ee3814be17f6e48d37176ee74cb864a554eaa0abecb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 15:20:46 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1208967
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 15:20:46 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPoUkXTLDsXD7emJdCqaRuCOI7v6EYwF76qIo9%2BhT14nx86cXm5nB4vym2cWVZXJRZivzA1OuRSa%2F2YF4JgErSe3nt%2F%2FoWiTcMfLI8efE51%2BtLxl7R4Xm%2FBo7ANbGN%2BSFMpxUEM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8380a1ab9daf57d3-IAD
x-amz-cf-id
zbCTELLr81jTWGNepaeerM-sIg6mFEqYkRnJ3xJxGt2Y-HZVnNJS4Q==
expires
Fri, 29 Dec 2023 15:20:46 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/kamila-simioni-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
5abe8d796c549abaa421b31ab43cd327c756bab9695e8bbce0f31e56eaade7a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CZ1yl8Iv%2F9GzrwLUbjKVdcMvyBYqPyihFsoY2qF4B642PZVQGCm1LpTmklmnOusHoQ5leOSuh1bhBazqPwthtG4zrRcS5lTn2iQqACJqUJVPPJW%2BiGjoBauIWN0Mp9rk1OPrho%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe69d09c3c-IAD
x-amz-cf-id
Yk_Qx7XVpcwdTw1LyY-vIvBKm1O5awYtNOhdRY7tYVFnzLxDfR8jhw==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/lily-nobre-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
003413439cb5fa037d219b2635432a0488e406bd27a20ffc71543973b22ca10c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 03:09:23 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1598450
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 15 Dec 2023 03:09:23 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiilpoCIjRErGqJ%2FxxSoqRNABJ8dyuFKRlqytFar3DQOxK%2Fh0uvqHYF50A%2B1uwKntPW93w8YHfDDZ60wAqPsByZPW5HRrTluEzNNZnrcC5K52yH%2FXWlzbgOhJ5W3qQ5fpDgbf%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
835b7ccd2cde57f7-IAD
x-amz-cf-id
bnjdJJ4ccPnd3d076qAW_cj_dTvRSlNJBjxLvohFxGcMMkZZsyfjpg==
expires
Mon, 25 Dec 2023 03:09:23 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/lucas-souza-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
a3cf2d367d36c4f207c93ef1207dd71b196fbffb8f50b78b47bae495ee266ba7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOYLo1wvpZ04j9EH8qzfEPpp3BwXTGEkWmcFXPQzxIxs31BdGivaVRNQCnJgI%2Bk3KsKXhknQ9yKxF3AAdR%2FYu1Phl6RDVBWyxld6aRjAPGjwTVoBCdKNQaP8IG06vC8dx%2FKL0ec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe6949084e-IAD
x-amz-cf-id
W4AT7NRkJtj9QgOM2okz9qerv_xQUhwLST8RzOqTzDeZqhq5Q7t25w==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/marcia-fu-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
8df2c7fec3541500a38d4273e9ea7495225fe2ab86431503df5d866f351f4ca4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 03:09:23 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1598450
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 15 Dec 2023 03:09:23 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPKXRuCogm46dSF88KUDPAOCE3Gh2IgNsa7CGSaykx9rL9w4hCM6ICG0alkKFQlH14Yy9nuddiWUfWALZ3IM%2FhO1jY6M8SWGwKU%2BbOwvGRi9hz%2FHWrsVjgh5Yhawxyq10sg3M2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
835b7ccce95b3928-IAD
x-amz-cf-id
sCC1FLtc9dbCsIPdkwYya6AlEBoLfGFqS7W1QoMrWMiBTX40XDoMzg==
expires
Mon, 25 Dec 2023 03:09:23 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/nadja-pessoa-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
7713dffabca932ae870e1aad59653270cdfd64f186851dcc0e89774b76ee6ce7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3dA7FfK6%2BuL3Zk6dhqiTUbhdYw3TAVRo7pkDFFZrw8MIrcH6MlXZA7htUOpckrcBGAERDxSfSKpKywOWlgQMpjNAjG75JvGeIWKlvllL7NNuThyWzJbDusFew12AJU7GWS4ub4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe789382d5-IAD
x-amz-cf-id
OoCXC0l9p-O4yvd_D4PpBR2p6Xc80dbGgNZ8WnUwzvJ3lppjIKpdjQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/nathalia-valente-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
847b69fb54fbe7de0bf6efb3af9d1f458d8632ca866588c4d93e640e115efec2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:36:07 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992046
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:36:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nnKzEzblEj%2Faiy4O37p1aGeWouFMsTEJ%2BjS9h7oIjps3UGY1fIZ%2Fh8KzT8wHEBnsFsBideOwQi%2BwBmpMA8BW8xaR6mtpbAjubk7DdHFjtz5sOXVR%2Fu73ltqyrSvnLj%2BKdJpQMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
839551982ddf57f7-IAD
x-amz-cf-id
cZusg9AX7EU03lWaoQwy2xYbFKkS_OrFuNOWcPAXyU34vAEzR7R-vQ==
expires
Mon, 01 Jan 2024 03:36:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/rachel-sheherazade-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
b4a6f10015f3f06e90821d3cb9d527a67c51341f52b029cfb034a00d27d2aa32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHmOfTTIV8uIMqEsrjatBtFFwlxjXUBBUK%2FaMwazQOlEZSvVAd%2BYtjyBamj1O8iySDflI0ZAfyFMiL1eCHB6VGkUe5qZTipfVOiDcPMXJ0OCUM3JR1mlfoSfeLzhbVq%2FJ1wMBuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe7c6a57ae-IAD
x-amz-cf-id
Zrm5XemmYSdkFdzD7qufTUSvukWzn7no4xfzYBOp2lQ6QAq4_ZWymQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/radames-martins-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
ed721a3c888082587ba404d93a3b7ef77547c78b1e87b8410bbd8d9576fc1505
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jM85DeUFmJ0lRbrG8PulPdHORL%2Bg%2FLE%2FCb4%2BybwZF2Yt%2BUl%2BaYfRJPXzyxtcwhYkOewBd3QdUgd6JbtyOWZ6O8v3G3zLKvJ3qqsBJ7577ZjLUWoaCFzeinPYTzAn3mWHRm9netM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe7fd80947-IAD
x-amz-cf-id
xBZUrb4C0SiL2hNd2hdIKOPKbDr3GzuSGnyfPkKLmMKOCIrvZf1Wqg==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/sander-mecca-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
42df22c7b1ffc073e52506eeaa1c4e96a1d2530a90dc6aec4737c24a4cfd6498
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
992111
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3OM4J%2FYW4eJLtfDRlCYsM%2Biifplm0eFKfAXVyIIsrzoDvUgRBNmA2MUZCawsMXIsNp4t%2FEPmHxMC78rvCCtqDk9jm4OYHTGM%2BW7p48dWpjxxSj%2BJEP0MrOUzIsGGT2V%2By%2Bv8NQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe899b5985-IAD
x-amz-cf-id
gL2gnZIBhZhZCS0_gGWQz9p6h66OanAccrec9iUIuEDZxX3Y3IDr0A==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/shayan-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
01f0ead0b5f2aba10c679daeed7f18e6070d8cfaa8255423c9da22a893285e1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:03:32 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
983201
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 06:03:32 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGbMf0zStVNpSxwXE%2F7N1IS0sw1C1zPILJAddiN9XiBMIEOIldocHOewXFOosL4AM4x4vbzst3yjVWfDlUOXaJhCnVcZHlQWPcYGimG%2Fg01YddZmKeCsYSRrucvCsT1LYHm7eeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83962988dec628a2-IAD
x-amz-cf-id
QlTu1r0VBHdfoPOzBvbNT3OhPfL27nmGsMXiLOZxQV5Z5gU2K1UXHw==
expires
Mon, 01 Jan 2024 06:03:32 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/tonzao-chagas-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
ff1f876993a9e941440a6173852028b3432f19be1df5a2ebdbd7d6131a8b1604
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 11:18:57 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5889076
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 26 Oct 2023 11:18:57 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jehDrgUyMJ5f9GKMKLoLz5uuy3kHDmH5WWFWBJ0ztODpP%2Fekh7isfcBcdghzU92y0iVJ0nDFe1q5HhS0j%2FwTL31ioiueWuW7cs2cMuMbzN8V3gYDOSXlq%2BYsS8AugGaB8m69drg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81c24d2e391481c4-IAD
x-amz-cf-id
RMC9_IqogjPshrXGdMdbCcOy0MTS2PIdCU9jM0nQOJS0w1wa4RXgJA==
expires
Sun, 05 Nov 2023 11:18:57 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/wl-guimaraes-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
9c379e4510fbb454d5eefc35758f83750f1824e9cffb24e14fe813d8afbffd9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:17:56 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2548337
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 04 Dec 2023 03:17:56 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHc%2BWFAKNEdpMqteZc43qVbMmXjIn5rU20Hi67RMJPiluR24GM8rYrues0c0ELpI8jD%2FD8mFCGAYuAnzXWLD8BcY7exODNh7x1c%2F41TIYZW7tZISe4f%2Fk05q%2FgApNRoW0tCP1g8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8300e633b9b90813-IAD
x-amz-cf-id
liPHCNr_7qbBFo7lzv95WsKQrjZqQDR6auyiaz0aHTbUmnCpgv362A==
expires
Thu, 14 Dec 2023 03:17:56 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/yuri-meirelles-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
62373de6691128ad6c9e5f24fb08d0b8f479fd129412823d1d4d2bfff1e2302b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:55:07 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1635306
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 16:55:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqqrMG0imS2wyvGIsD2Yg5eJPcCPj2MNQuZDjiFd8mY%2F9YFRsrnOFB6bghrLYDu35XaqfJOPsUymR4i%2F8RiivGHaXXuZ1KxdO0m%2BK2FfEqObmPpNNdivbO7wNF62U34r2RmC1sA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8357f901de5c82e0-IAD
x-amz-cf-id
TibID0F7EO6T0l8UoPciRQPWICopkwM1dRFhouRYH8Jy3Jr-e-1WGg==
expires
Sun, 24 Dec 2023 16:55:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=220&q=1&src=image/enquetes/quem-foi-seu-favorito-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
9cdb163d229f2eb24fc0db41c72a849104b89d480512570030afbeef56fc2f09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:44:46 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2575527
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 19:44:46 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AikQ2rewgU1wm1M%2B8pxNDPck5ta505ASV34%2FG8XhDmnFTxhwEJuVIJX6ZEumAUE8PREwTSeVisUeWTxqobXSfdOL0h3i34WYVKDF%2FMKPzFc5GeFYSvV6J4aL2g%2Bj0miJQrVfhRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82fe4e5ffcdd38fb-IAD
x-amz-cf-id
a70vkp8YWyBoohaRSPY3sWyAwAnHSW_e708eQWzbzO9Yx4IFI7fb_g==
expires
Wed, 13 Dec 2023 19:44:46 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=220&q=1&src=image/enquetes/ex-realities-quem-voce-gostaria-de-ver-no-bbb-24.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
f4beba437d39a47ef09fcffdc403a170792ffe77b3bd716a0538999895d17ba5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 18:36:57 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1715596
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 13 Dec 2023 18:36:57 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ABpi4VXI2UqjLXQxozcOJMQFqSUNATrm7nCd9ghispTuk8KC6AUefD25iYhct9wQzfmOdbyTZ1hEg75MflvN5SsS9FR86MyujgQ%2FsqFUD9IoCKnNMZsWvJRQnCxez3IgjWq2n0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
835050ccc9062d1f-IAD
x-amz-cf-id
iCx9IWnsy65H3X02Cfa2snXEuubCBPHgGwNURf0LUsOsSicwREG_oQ==
expires
Sat, 23 Dec 2023 18:36:57 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/aline-wirley-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
7bc7f37f61c6e04925175ad3bae04e63dc87643550c96bced48b217cde40a99e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 07:25:26 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2015087
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 10 Dec 2023 07:25:26 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoCUg%2BNN881zOUlKIMU1QOChSAHd2kF1nPtmkhwdLVqIuSZKkLsZRsqE9GrApiG7eTj20ko22pBPWZnFAG%2FlwXPOdD20D%2BaaOtYHIqxGY5WzvA5y65hRSrEFFfKAoteZ9hRo0xI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8333c1001dd62024-IAD
x-amz-cf-id
qdvSJQgMywvla0TfdpVeBNbtVs1qexKVUUl3blrnGvB1OJmJLQLW0Q==
expires
Wed, 20 Dec 2023 07:25:26 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/amanda-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
8ff4a30392a3966fe5af95652920fef78fbceaa1f6a8c9f474c28af36de5cc08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645116
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoW6su938hTMiwBkEsW7kK7kNwL1OIMX0XcbInFcCVKDwSCOrzKFMGl7iaCSzqjWuPWCUS151bWiX1MdXJjdfv5bzYMJR7XdMsCchlQIThn%2B5eO%2F1gYNKQ%2BWvn2FoDBXSqn7UAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ec9bd585a-IAD
x-amz-cf-id
p7-HQkJQLd0F596PJ6ZVGBOjO0Dss3bK1vFkNeg2tE_Zfx9J-5l2fw==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruna-griphao-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
db5f08f71cb73a6d0b162b0e1e87d59d269e83b2ef414c2b1688ad7831340469
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2610849
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BHaaIkUrNPsuSetBlQMT7E%2ByQIBYfBBNkw85kF1PkNavyftfQTVNJ5AJGXKmDROsB%2FoyulGmxHh6oVunGhaeSJA8YJKQ2VW55COo1AUHJI3MYyw%2Bt58PgprehwaaHYO5gju3o8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf008eaa620c0-IAD
x-amz-cf-id
zvXncYZMB_sxGEAuts8JvE1xD_w4hFVQetyShXjx0CC9J5mF0ZKB0g==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruno-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
3f0286b191e52b5e7af22af3a3056958fa411c8a7861ec57eb4d5c96d39314d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645116
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTiPCkNYb5m8DD6XpBLWTLJ%2BMmm6ReXHxZG%2Bkd2u5juW1Gz%2BkkNMBQgCf8%2BQpmQsQJCT8ofFu0T4vpiiWUqYRyKpJto0qSGBLZEC6X78tAxjFe2g1%2FlJfOCYdFCfk%2BtAVMBDsf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ecbef81dc-IAD
x-amz-cf-id
jam0kmJwNDju6PaeO2cBLs5AMGixKncCBNgdP0o-wmAz9-EzBNacLw==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/antonio-cara-de-sapato-jr-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
24e9ed9eab09216ff15ca9714caf4c6334d318b0997bcac6e72c5029d1d93f43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1683500
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7E71Lz4XHa6RkSKmZdWpuEfGRNh48MbVzO6rDE%2BNfjnXFBbXb8QAhAwj36Ecp1Ts9oU8rp9%2B7stYPA2v832n%2FlGb2PMMTnMBmoK27UOWe8hlDke5DM4BGOR4GtPCGrk%2B3O8OHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83536060bada5806-IAD
x-amz-cf-id
yxIYwDBMPgiBo7_rvoVhnG6d0d0VtgLsppR4Hhc18wXMfDnEqJpFuw==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/cezar-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
fcb980cc482294d0f1928229f4fc4a4856efa5bee2c87fdd339bc2c59a81e71f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1683500
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7aSWpsNlw2Az%2F8gJyPC4XC2xxuxvoo4YeB8F2cBmnZA9KgLr7%2Fdqkc9TsVt7FdgfkT0B9g9NbbWpHxhfGqhiiJDyp%2Bx6DINC%2B2T8o1gj2VMbc0TLJ%2BvUWLBuj7jcNMRyC7Q0m4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83536060c9772094-IAD
x-amz-cf-id
PI7bnDtdTukrirZBh_TALdd_1NZox3TPptCz_snNDhdNdJedXvSmrQ==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/cristian-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
f23c245ea5a38f63022aa074a4ccfe104df9a690d376460dc2562d63dde4b820
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645116
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnyO8IG%2BOeTYhzpiSN1ZQUsW84PTJAR50zjPx2D7H4o%2FRMkS8ndbZcn53fSyJBbuEHfKCdUv%2Bu8tIhaHYQO%2Bqh1y7lLzP7T0yeJzLsJBrGLVvxomrD36leeC3XdUF%2Bv4Gi8Usy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51f9cde3b1e-IAD
x-amz-cf-id
MH7hBDT8EDaZT6iYjqSePe2a7v2q2o42fOCPQK4jIAPifeFyEHkRQg==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/domitilab-barros-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
b4557d023216781e0a1d45405ca1017817151a258e852f439f870ad6a9a8ac17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 17:13:45 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4571788
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 10 Nov 2023 17:13:45 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LP1J407wmqJ0XlhcTY7kVKwOPtUl7Dt2Wexx47j4d31ObCnjKOinBNa85cmsrEBGMeJrj%2FnJ61Twnra672QCvRvxriyA4KS3tT0uhrq71TXvsqqWqkrOZE2ALLkpsg6y5QV7vNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
823fed892a882d13-IAD
x-amz-cf-id
SAVLtsAQqp_7qJFeUssPuEbfj0S1MzntbzlGDD-K9eBq5ifapR_Chw==
expires
Mon, 20 Nov 2023 17:13:45 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/fred-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
94971ea51716e2fb012fa588c909d8c8794be579262c28dd668a1dc326e5768d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645116
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4kCBLXPtX5ni1vflzfPz21fExBT8oc84ujw8K4cXAHbeRecB0w9Sam3s7i%2BpyK%2F12Jh%2BWfrFVAoRj4LJCMArv6HS9Jys0zhgz3vmAD6H5JFxP31D%2Fyyjv%2BEtdFTnNwGxrOQuX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad5206d8781dc-IAD
x-amz-cf-id
k9ov-XGFr0maukM51SLj_S10qVgIOAzye2SD6Cx0_11KjTuFCwKnVA==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/fred-nicacio-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
2f256611f838d74f92a96fe6469e05ff8dd9151e38a12d784cdcc7511f3938e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645116
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04NqhNTWbGdNNmzhW86To3XghmdmtvvYiu9xa2J5O0pWuFerIwaUmUkYOuKu%2BwLXXF4%2F3X6qKruz5%2Bat%2BwSPmfGie4bu9hloPOp6oeyi%2BfpeZooUum08pFQh1aMFHu84saZSZoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51f5ab5073d-IAD
x-amz-cf-id
qvPsNzlGtFWK29tQZSP9mMwEiBRSFnbJWG6URv3Jvtemcf5DgGwoNQ==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/gabriel-casa-de-vidro-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
64493b7677f4b236fbcbed15196c5ad541766733376b49b2d737a08869a07704
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:44:47 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2575526
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 19:44:47 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXGXimGfQPoqLKKLBqF74MNVtgSLk5nMwI0wibFU90Nh8rnw3yHtyMLNNityeVo3avNlF815IZ%2FzvDloh3hj2PZTRfhrSFrpyEmf2IGYk3TnsoEr0StYDfus%2BrfXYtvUaIsFC4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82fe4e660ae52f24-IAD
x-amz-cf-id
C5u8ktEXcoftYVWSg_bh87w-YirOqUsiE_5SeCDrjU4ZUPPjCt57pw==
expires
Wed, 13 Dec 2023 19:44:47 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/gtabriel-santana-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
34419ecac23d0389a78f87d82543d68177399ad204ea5f0fdf677ee51cd1ef1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:44:47 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2575526
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 19:44:47 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2wmj4hDvdXAabw3lpzFhiMVAdcij4qpioa2p66hVwGSeEspgRnL5Q%2F2SAdS%2BLx9hMahoZNr3ZXhJxom09%2BqS9ReyY9vcy%2FkX9kn8mcfKdZu0QNpklwGwKm%2F1fyoKyg51Lud1Nk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82fe4e6738ec823c-IAD
x-amz-cf-id
qjDPhGpcPf__W94398jsp_k5hFZQ3TJQIzI9eT_H_CwXcsg2d4cbKw==
expires
Wed, 13 Dec 2023 19:44:47 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/giovanna-casa-de-vidro-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
86acc3626551a828f13f30863d1bf5a88038ba81eecf5425d8f5e30e24702005
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:28:12 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5326921
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 01 Nov 2023 23:28:12 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0tpFJxUEx59z5i4cvin39%2FCdEq9OEyjAkmdQYJ03VJuo0lguq4yCCiK9awFfCcRleRwNOqkeNxDGlRoTAW%2BMKhMkYwQiylZD2Y2aFrcfPOQQLvCKxKZXi9qRKZDVQSKWnTuUbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81f7e9ad9f0429b2-IAD
x-amz-cf-id
Q4Oc7YAFZLwPdQkCRvIsArYoQ7tcV4zaldWpX0uJeYBBovRnL3o3zg==
expires
Sat, 11 Nov 2023 23:28:12 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/gustavo-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
2f1e52f6d470035f5c81553858e7581636a3079bd9e85a6107737af4badec51a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645116
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FeIn6GNW%2FcWE4GExboU3ebWd59pmwkCIjAW34w9Lu%2Fr4F6n9PgUpMvZLBnOqOk9URSJ1WFaEa77Bkg%2FBxkYtxng0vZRdu0ytsD7utAAyCxwp0dxXf56341ReFOw0kLBrUzxP%2BBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51fa8760956-IAD
x-amz-cf-id
D_9CpfyBBg_ddnrgbkGZajreVR-S-3sJcplotaJUZnrouXLuf3eMIg==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/key-alves-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
4601a643331e142e3a4952eb54b66cf953f1dfad9b13574c5b5d47a069d949b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 05:47:41 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2539352
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 04 Dec 2023 05:47:41 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v62ikgMWVThwVC5OJX7PaEFwJ1Fjoa4fDj%2F7jrp0Y2LAA%2BAZdPwvs4TymJMm2%2BVv7cyJN4jJa1xNRJApgTSrjG%2BUQ1j4nlzSntj055XQuvGmQy5lG3cSXENYbkxCDVRQ0YJMOac%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8301c1926c1f202e-IAD
x-amz-cf-id
ox5UznGf5Mf0_P6E0nKCqwwsHAnrbZvSsGN2EbXsEryLeNYeH7GnpA==
expires
Thu, 14 Dec 2023 05:47:41 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/larissa-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
9a03568e65e089a8d0141da6371d935d35b6ea13a8c5af029d9e4e32c6233f3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645116
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7VlbF6CMeuu69Ui5bJFlAKl%2Bkt%2BapsUDMXK2XPX7F2QUQL8TazDAGIablGrdJ1wuHA77JpuG%2F8VrRf5p5eqcwKqaDBPCTvYBo%2FvwIzThWPexjqAFs0ekPNWLdKHfZuoY9KZCbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51efc638242-IAD
x-amz-cf-id
5VCYUArf5jb_wsHHzmkRr8MRC-XF581UMk3U9KD5Cw3tYNkXMJsC1w==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/manoel-casa-de-vidro-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
763621a0d305c29ece369ed561eaf469c8b517172996290c6afe2c29838ffae3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1683500
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCG7mAzacd9YzTVqQh362ubGUnlzTgHKmcQZRTQSznSCBU9caRNzh6heUACJI%2Fpld5MbPzV7Ytfr8%2BY5xTxtpS6rziPBwVQP3qkhn5Eptq2Hm1iJmtp%2FvSHmKLM8AqsTRn2vEWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83536060ce796fbc-IAD
x-amz-cf-id
72gz82lgm5wMQ53Wcb2lNLj_4dZQrzsel19MuDjBQJg2wrrvcwO6jg==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/marilia-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
dce806794f0ab48ebc35bfec3556e08e2835d052e96a759b4b7b8140da78b7ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:28:12 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5326921
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 01 Nov 2023 23:28:12 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xjCjEmFWK%2FwF2vUgcvUxsF1wBj9lKNHW6AXhYyjimR8vOnRm8K4qHysEekTOgOpNChIMu7LVqF6OuKsIN%2FWajZdgfd%2Bcm5g70STrvx8oiVoCfaHGYpuUY2L%2FRuzKtnSrS7jM9OY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81f7e9ad8be75afe-IAD
x-amz-cf-id
0FxSfhySh4nUkgNRl2XSUK4-muc02gGCyERDr7LJxV32KQmtgv2ZwA==
expires
Sat, 11 Nov 2023 23:28:12 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/marvvila-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
de4451c6eb4c78b702515388d134d0ba0ad41aa18e3388f1a592b87cd9cb4f46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 05:47:41 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2539352
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 04 Dec 2023 05:47:41 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJPMkU88%2Fc63n1JasQXzbmUDJC%2F%2BMtF8ZZGra2q0NRGj4yq6WJn85sFYtuBSDbQuZtxAKQHduTlgrAnkbnAbb7gcRlwIi2jRmFflUZVbZOJj8Bdv6Y5ziqdid45ozt1tqFH7%2BlA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8301c191d90a5872-IAD
x-amz-cf-id
tdWAMl5sTuwKDM07n_tmZW6Y4PM0gDf-LnW_MJrMqkM2gsLPtd234g==
expires
Thu, 14 Dec 2023 05:47:41 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/mc-guime-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
beecff1ab9cca2203c9e18df18f3146c174efdcc8ecebe6a5995a9a3039e973e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 00:19:48 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5064625
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 05 Nov 2023 00:19:48 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB8SH22vD0wPBt8XjBOShtucHk70unP83bak%2FHPLaXVwZQaBq4KbKcqzFSbppmK09pZiREDJTYT494wKZcVuhzQ300TB79hfWZGIGzSLQmFazm8d9pYl%2Bhs85cYluWrwKj%2Bj75k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8210ed64ace8819f-IAD
x-amz-cf-id
ZqqjZruwPcNnOV0nC0p7pprp2yfnjvEfbidsojfVSSj4mXwJd-TFsQ==
expires
Wed, 15 Nov 2023 00:19:48 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/paula-casa-de-vidro-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
347c1aa4c3fc3dfe7f611d1f237b919e6e500e0c5e582920d380d8d5b5787e4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2610849
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FThiwEWlgWtcrOwnwXSYb6%2F81E5g3qZzMNSRfjpC%2FWJZrYOI0oJSCm7VR4uq9QS%2BDzKko7SbHANbu%2BkfYN%2BXz2Z0XEIcUbOsEb2scX8EKcU0rVwflQoGeC76OEFcqQYT2MQdB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf00889642060-IAD
x-amz-cf-id
I_tDIfKUF_0t-24Rk6FLj7kSLMU0Xktsy2u97KH51VGRIHsUFtfPWQ==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/ricardo-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
3de9f5231882b16bddccb492d140b88a3b7b2fd80d36c3f9d382b821779515c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2610849
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVo7R%2FUDg8kd1%2FEX2rZasKKE8Qcx%2F1JUPB%2BEStqhDumAG6BZ82tYh1R3qIg6O%2By6n6BlLHe98i6C3Ulq4lWlzCHonggN0m15LzOItvjsMYMvcCBMuiLCEHFqREC7W0ymYlkR8Zk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf008ae6e20d5-IAD
x-amz-cf-id
9Snk6g8dHoYDWwN-LJfDWFqlJHYkapRdKKwP0BCCzANInEtSIkhHKA==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/sarah-aline-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
59ba03a159f5d0adaf5cc34aa67bd34884b8fab72a1e351b296fb2308f77de58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:28:12 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5326921
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 01 Nov 2023 23:28:12 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ux4xDtn3NBjw95Y5mLsW2qGxSC0s3J5MKgW2jeNCuodhFuF4Zne5%2FSO1bw6pTW68td9dR4QnaucdKuF%2FoV4VWq1t8YVgYD08aR20w%2BKON%2FWPhoHi%2F4kNF5cyi9Hv4Cz581f7M%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81f7e9ae5d2a8221-IAD
x-amz-cf-id
HvsfwtChfg2yjwrzACbovFrszkXupli7v675fGZxxph6v-uVpmMtbQ==
expires
Sat, 11 Nov 2023 23:28:12 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/tina-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
9dd5584140f2ec5ed5c5f39b20ba0800c742c6a60b621c97d972b4239fc6b1fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 10:33:46 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4768587
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 08 Nov 2023 10:33:46 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtuzqxXszgED408NsIf4TPlsEM0%2FZts8m2%2B%2B2Oavtua%2B6J41GCutXxJN5k8Aq4sFshSVAV%2Bh2DGookdeDHkiEqkWpI1Rjgf0PzVp6AlRGwqWYCjC%2FsM2L3FOYLby%2BpjuuD8Zfqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
822d28e0cf64818b-IAD
x-amz-cf-id
yaoAxcmpJox0KGP7bLYuI8WWiVnrC-qfQri9icsmJHi3ttWzPQgAAw==
expires
Sat, 18 Nov 2023 10:33:46 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		334 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/afazenda15-confira-os-famosos-cotados-para-o-camarote-do-bbb-.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
8947dad051b2d1e94e13b891490a267a7921292ec30e3c718dc7fe6359df5155
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 13 Dec 2023 07:13:53 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1756580
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 13 Dec 2023 07:13:53 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wFrrmXy6dRl%2BVrhBcp0gDDk68qtXNLV0qBkWIee7aApCOw%2BxFQpJxEhwDpnaBTxBQ8ke3LVaKT50jF7r43u27AvaWDfknwhC3M6xwa6JSnm6fwbbAT65AASBCr04iCJoFD6pLN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
834c68336e9a6905-IAD
x-amz-cf-id
mxpJi3G-5dnDNDaBd4BKQZ5cFXfbv7Yxlq03GA1c2cN-eRrYKDN7Gw==
expires
Sat, 23 Dec 2023 07:13:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		334 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquetebbb-bbb24-ja-comecou-saiba-todos-os-spoilers-do-programa.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
d596ca97514cd5cf329cf62a215ee08a23e52bdcbf7880be0b2d453c9c28e4fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1683500
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5yZKuota2TfFXZQBE%2Bio%2Fm60cv4ZwkpqD6br6AFo%2BAzYcfHGWRzOsiq%2BdyRDSxwWKd4me3uEaO1MWEppGEmNBK368E2A8A9T9G2U89xnJnJPIPzswtHVsL2FhTfWBFfohYdoAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
835360608d9456b6-IAD
x-amz-cf-id
-azMaGgzy1N8qtpK7hTyFaEnl8_-ZYxCIwWSNHtrOMkXYKH1l5h-WQ==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-reencontro-de-milhoes-domitila-barros-tadeu-schmidt-e-sarah-aline-posam-juntos-no-the-town-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
cb1ca001c0178df972a6c5c5235a80208cf54d572682e042bae85456b5bef5cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1683500
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwXBNmYtuF%2BQ8luoIgTr2aMgjvRz0aFAyzFUjeFJsSnq8%2FHll2jfhZ9AUVy4xXJSwVU4oQnRB57BTr%2BeMZZthNhbtMclepFU6656oqJFqTvCnVlo58ZY9YoEuZsHLpiBB%2FixK4A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83536060c8080828-IAD
x-amz-cf-id
IAoJWFmjHMdF85gL5dgAe9u4po-IRmG3ikweR0gtXJ3RYZV8dlcemA==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-domitila-barros-rouba-a-cena-com-tranca-ate-o-chao-de-170-cm-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
12b9cd65f98d1ffaf02a4df14d27d10be674d9f5888cc2b4a89466ec0b45ac6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 10:42:44 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2608049
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 10:42:44 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTmCc%2BQRQZektG2tsi%2FXayZ7m0NQI1KUqcXDhVvDZvvfTRspY1rms6UJRty3Fw8tEKTBEsqOZQ8HN5%2F2xo6BacSdwu32mfW6uImkty6W1SK9EFeVDaQa3JYTLQOF2ZCu1RRgqmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82fb34669cfb083e-IAD
x-amz-cf-id
E145kMxbnsw-MgdPixCxWDvMKClIN9yQuzVAtVySPAAbJL6xlVqoww==
expires
Wed, 13 Dec 2023 10:42:44 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-bbb-para-sempre-ex-participantes-do-reality-se-reencontram-no-the-town-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
182083c2af568f88138fac088315f89acc4b94866b0c423ce78c04e21e14f857
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:44:48 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2575525
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 19:44:48 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdeG3HW20ulKDipqDXlcsIwlJT4%2BYHy4wtRJX%2Bf7kixQXIPnQmrPPFpLdUlM%2BuAmQvfgBhaZwFJjuiDi0YjACPaXIIAY22xZzqhy%2FBY%2B5%2BUfLxfI4rJriUHkbrkCaZQffZLz7%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82fe4e6e78049c24-IAD
x-amz-cf-id
26PfGr5Dq6exCPivgHNfxC4g_eoylVI8PQKYNgSWNCQ3Y_J-yxF0bg==
expires
Wed, 13 Dec 2023 19:44:48 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-novas-dinamicas-na-votacao-do-big-brother-brasil-no-gshow-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
890d5eaa10e9bd7b67de7279581e2fe6a2b1c57c37d7baf47b9ed9a73c111f88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 10:26:08 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2004245
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 10 Dec 2023 10:26:08 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AE7vnby0eiFulqKD4QqIZYU2qlTsXYebf158VofDcjdbPeT8MQqxA%2Bq981s4YyAWNN8qNtw5Iprm51528JpWZa3qk7Et47WeXD%2FYkj%2FflEJNgK23hScjGXN80Aj44Qx9%2FuladA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8334c9b08b0a0810-IAD
x-amz-cf-id
sAqLqU6Py_t1kD-1POv3CyWDq9cgRUA2vF46CyPl_q4gFY2Ls2sEQw==
expires
Wed, 20 Dec 2023 10:26:08 GMT
new-logo4.png
www.app.bigonline.top.enquetebbb.com.br/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.app.bigonline.top.enquetebbb.com.br/image/new-logo4.png
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.224.10 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host04.mezzor.com.br
Software
Apache /
Resource Hash
fda9ef9d3fda898fc315283504eb0aeb8ada64df1bda7e2e11165f28f59c1fb6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3613
expires
Thu, 01 Feb 2024 15:10:13 GMT
bootstrap.min.js
cdn6.votarenquete.com.br/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/bootstrap.min.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
807e84e1168b4e2f461467a2d2b255f8947e8dadaa269e66bf561a7c0ff90bde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4837997
x-cache
Hit from cloudfront
content-length
9922
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIrq580YcApz%2BysWW6PDxA32iew2P3ghVhF%2B%2FGiljO9h4N7Gr%2F5yXajtr%2FFsO%2B1iXz64POVDH%2BL%2B7Z84MmnrgMF%2FWDNDyWoLXOAwZFzZQsbJTJOHMxH8a%2B5zR2b6FZHs0y2ghLI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4beba382c6-IAD
x-amz-cf-id
8HcBW70v7i4ggBgcCOtCIDj1mkDxTMF-INxoVWK0-xhFrOi1nspzgw==
expires
Wed, 06 Nov 2024 15:16:56 GMT
sweetalert.min.js
cdn6.votarenquete.com.br/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/sweetalert.min.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 11:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
6840174
x-cache
Hit from cloudfront
content-length
11868
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5MYW7DtVBiT8Md7p2Qq9108cBPk3W3rSwrwEmXyuy%2BNaiGgSn3y0MRE5B92%2Bg1pUAd%2FSRP1Av9xFLbivwgFEbwqVEMNLjx%2B0TbbOyLsnDy6MYKqYmJzXsJw0rrn%2BmE75OTABMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
816799074950083c-IAD
x-amz-cf-id
GXf-K0cnbxAsS92QjJmmc_3f23DK8ntOQecQEutoj_pZIEO4HgEmxw==
expires
Mon, 14 Oct 2024 11:07:19 GMT
swiper.min.js
cdn6.votarenquete.com.br/vendors/swipper/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/swipper/swiper.min.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4837997
x-cache
Hit from cloudfront
content-length
23609
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iK9X0D5eD5XyG1hnX6mOexpUiogaeR756gvb5bEg85IAggfGylHdirx69soGRkxzAs123sBvGjB%2FWaSfwBrsnvjDR1PUKqvq1wRp3HMmD14nRHVSJBLcqBHET61RUPx5tDfpS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4c0bb65722-IAD
x-amz-cf-id
Z_g0SQwomSM5h7uNMEOiv6GHE5941cvCqTQD6DLuxopdi8_W_KW-WQ==
expires
Wed, 06 Nov 2024 15:16:56 GMT
nav.js
cdn6.votarenquete.com.br/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/nav.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
732675cfccf977f7fab5b4cc351efb9fbc17a868da78114b484f80b0d53fc281
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4837997
x-cache
Hit from cloudfront
content-length
1160
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntdLjegJygmPiZ1VVkj1fbCy9h1ZrC%2F%2FlUhUWXqwHnC01nLYyhb%2BV7Z4h8w9EGQDpD2MYXOVpjd6XYWkZ37BEpFujIaixBZqvEcPI5c0SZhd2t%2FSYJi%2Br0OQ6s6ZhqgmTPUBJgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4bfff17fb5-IAD
x-amz-cf-id
z0UG1zwyi7EgDrDv1oT3POwnzotkAoxyjFjiGC7W7PJ4q6cnw6Xohg==
expires
Wed, 06 Nov 2024 15:16:56 GMT
owl.carousel.min.js
cdn6.votarenquete.com.br/vendors/owl-carousel/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/owl-carousel/owl.carousel.min.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
7645922
x-cache
Hit from cloudfront
content-length
10975
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BABVv1Qdcc9Xb56l134pmGffVp8ttrkJJZQSN%2FzW12gurYuC6ppheDLp%2FxhTEj8etuNjurrjB2sHXC0HVxnpFbpM6DXfeytLC4IEJ1bjeu%2BrhpiogkE4IaYdGAkX8RDe3g5Q7aI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac173ee575a10-IAD
x-amz-cf-id
kgETcrzeBeIaHtdQpuyPQ8qZ6U1pjEpaD6zs_MVusiZhrETe56Y12w==
expires
Sat, 05 Oct 2024 03:18:11 GMT
plugins.js
cdn6.votarenquete.com.br/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/plugins.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
46a0243b7af18e28661c127f50884b9ee8c27181051f62bd70d8b3fe67e207d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
7645922
x-cache
Hit from cloudfront
content-length
989
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiZgGSvxWH6RmiWX3lS88hROm443MnUf0ytXZx%2B3kzzzxs%2FfJdUNgmEaKEgQRDalQwgvYMdb%2BjfL0yTJvEN8mlnM6ziNa3Y5%2BVYeJ3R2geJT%2BuqsnbkSorLKw73mars81uOIhGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac173dd0a20b1-IAD
x-amz-cf-id
9CsgDoE8yz3uHDbgYbpJLy1JiQ__6KRL3KpCMaZBL5VuPjE5GtBkxQ==
expires
Sat, 05 Oct 2024 03:18:11 GMT
custom.js
cdn6.votarenquete.com.br/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/custom.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
b77e8da8c14b84a8c0b2a906b58c45f821bb7f25b5708a13b55758790cc8df35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 22:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
4811747
x-cache
Hit from cloudfront
content-length
1474
last-modified
Thu, 10 Oct 2019 19:41:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2ZshOsi2IFNsiHsGd7GM0TmS1RqYVwfFcVkgZSwGkMUpsbHVllEzcn7FAX5emWl%2BH3qqLG5%2F3iPRdA3r%2FkUk6sLHTh11nxgAYwF3q6zopHP34%2FtwwqDgJbsliajCnD9NjW7mnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82290b2dfc047fb2-IAD
x-amz-cf-id
K0a776tISc3XDhp0T4CgjGjuIBoxKefd2-VGHqfITdSo--xpQfg4uQ==
expires
Wed, 06 Nov 2024 22:34:26 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1311
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f3ed750b044396-EWR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 05 Jan 2024 15:10:13 GMT
smart-app-banner.js
cdn6.votarenquete.com.br/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/smart-app-banner.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
b250ef39399eb55f93d850fe15561b82c2c296c7046e9d6690d7d2f95789caea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
6715484
x-cache
Hit from cloudfront
content-length
6722
last-modified
Tue, 27 Sep 2022 17:46:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhtHmzNS2PKVEsizN5T0duSyK3587cF5VgisCelxrmxk4mkh2UTApWg1xv1hr2plJLoReM0fWPeU%2BYOCTRcSj0ntwfRIrmdQADA9elsF2vUzs93FzTUcXAwEcqywIluFWG1lJVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
81737d39cfc93940-IAD
x-amz-cf-id
XD_m8YPDS1WH8bUvkdpyo5y35AdhlGo77lkeiTCt02VWjeFnfW16Qw==
expires
Tue, 15 Oct 2024 21:45:29 GMT
49fd207b-10c8-4894-9b57-08d90e6f6fd7
tags.premiumads.com.br/dfp/ 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
526afcbe3c762fd5a67f0ca4794db46f8894819f5058c5c8d4dd46bc3daa4d92
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
229261
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj
minify
last-modified
Sat, 30 Dec 2023 23:29:12 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otD5B3JsMdnZGymrp1p9tUusK8NZO2mPohzBeEiYo9ivTtVwQRRSYtb1bi%2BmNiyo4nEzKLx9N%2Bt29JCnyWAv0vZJQkVPh0s8ovfUIawVKdn7zZAG3qoX%2BUSdoeBkCIRzSLVOjtYcAqXGkzAt3vm4eXkbsqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
83f3ed750b5642d2-EWR
lazyload.min.js
cdn6.votarenquete.com.br/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/lazyload.min.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
7645922
x-cache
Hit from cloudfront
content-length
2145
last-modified
Wed, 09 Oct 2019 00:06:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4hvjCnNcFAj%2B7TQ%2F%2FtU1QVH1FTh5KoxyhbbrPm%2FEjOAV%2BTM00B5KLEaX1sczzqaO9eMKlP3uruAdlpAZU4BaYwDcf8Jd6x3s0WjdCFrhWEXwo3AFmjV2Idt2Rl11N2QJZp1UNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac173090a0802-IAD
x-amz-cf-id
UJvX0Wpbhv0uj3iv9l5Sd0K-OFmT_O2c5WnCMg0B2o04t40XBkcuYQ==
expires
Sat, 05 Oct 2024 03:18:11 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6330018069195839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137920
x-xss-protection
0
server
cafe
etag
5399571436788735572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:10:13 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 44A3 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6330018069195839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
24200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 08:26:53 GMT
etag
5585625838579639069
expires
Tue, 16 Jan 2024 08:26:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		238 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
642163837ac4d8942998e53ec8397ec225564a757750e3c69369887840e71afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84217
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 15:10:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 13:49:35 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4838
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 15:49:35 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b658ff8e4d433d039884a9ba7ea2f0c858dc3cb151ee16bdfda15dfb9d3c8a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72439
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 15:10:13 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2b3e5a8167eed53f147fbf29f1875c8da3d43ce5780d72016427c31f6a04041
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72462
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 15:10:13 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 03:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
41488
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138203
x-xss-protection
0
server
cafe
etag
14959461090202361603
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 01 Jan 2025 03:38:45 GMT
collect
www.google-analytics.com/j/ 		2 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1936286099&t=pageview&_s=1&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=393177055&gjid=1174272835&cid=943506077.1704208213&tid=UA-112625574-1&_gid=24468801.1704208213&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1684073545
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1936286099&t=event&_s=2&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=URL&ea=www.app.bigonline.top.enquetebbb.com.br&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=943506077.1704208213&tid=UA-112625574-1&_gid=24468801.1704208213&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1939950737
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 16:58:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79887
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1936286099&t=event&_s=3&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=protocolo&ea=https&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=943506077.1704208213&tid=UA-112625574-1&_gid=24468801.1704208213&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=482770261
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 16:58:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79887
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1936286099&t=event&_s=4&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=regiao&ea=local-novo&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=943506077.1704208213&tid=UA-112625574-1&_gid=24468801.1704208213&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1908202545
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 16:58:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79887
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1936286099&t=event&_s=5&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=servidor&ea=67.225.224.10&_u=YEBAAUABAAAAACAAI~&jid=&gjid=&cid=943506077.1704208213&tid=UA-112625574-1&_gid=24468801.1704208213&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1845896609
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 16:58:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79887
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704208213212&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=943506077.1704208213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704208213&sct=1&seg=0&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&en=page_view&_fv=1&_ss=1&tfd=1657
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RQSNYVQKT8&cid=943506077.1704208213&gtm=45je3bt0v9135313823&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-112625574-1&cid=943506077.1704208213&jid=393177055&gjid=1174272835&_gid=24468801.1704208213&_u=YEBAAUAAAAAAACAAI~&z=616728300
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 02 Jan 2024 15:10:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704208213604&cv=11&fst=1704208213604&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
629a57f15e91bba3f69bbcdff3fcdca27d1fae96df4e4fdbcb11c4fbb53d3eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1252
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704208213624&cv=11&fst=1704208213624&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dwww.app.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3c86eb7cff4e7fac774fe3cc8c3b2f38938226991c2a1338f5d1b4fefbf7b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1268
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704208213632&cv=11&fst=1704208213632&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dhttps%3Bevent_category%3Dprotocolo&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610554458215a321f3626a2bb8c3d2c2043d243e9d91e6ececb655e0fc2db731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704208213637&cv=11&fst=1704208213637&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a346f30e14e7c8487fa01587df5d007dfc8fd3142cc29616be900f727a476f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1270
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704208213643&cv=11&fst=1704208213643&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0265792c154013f2a4b984713dd64686d0d50c2810983b5fff6089e7ae2147b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1275
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704208213664&cv=11&fst=1704208213664&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0db0816189f28073f4a681325637f06ae07bf131d6b57f33cfa0cbfac8ada663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704208213681&cv=11&fst=1704208213681&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dwww.app.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4681a04a6c7cd99ed9ca47bcffec8db68bbf574c1cfe687882cc3e3ed0c2948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704208213691&cv=11&fst=1704208213691&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dhttps%3Bevent_category%3Dprotocolo&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59939eae4e501705c72f26fd2f797e063d4786093438c8ceef7eccdae15e8e26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1282
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704208213700&cv=11&fst=1704208213700&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68a44c46b86abf326a6a6cdc7444fab6bee35be515caeebb1cd610a397423ae8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704208213715&cv=11&fst=1704208213715&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=535845015.1704208214&uamb=0&uaw=0&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
540d6f08352356a2fa8295bba13480832cb09030e6801b320e74c64519824a86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-112625574-1&cid=943506077.1704208213&jid=393177055&_u=YEBAAUAAAAAAACAAI~&z=942665650
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7D66 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&adk=1812271804&adf=3025194257&lmt=1704208213&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208213325&bpp=4&bdt=143&idt=557&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7012497238303&frm=20&pv=2&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=629
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc4a95d2cbc89a9c73fcf53e64d285c68d8fc4569f1f4742036b9cf9fabed23d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
4442
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae64813d3c5cf8a1ae3304ab6fcc80b28a728296984e4289c64aa6d630e06bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn6.votarenquete.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 15:01:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 15:10:14 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69a8bbf88282d2cf6e4f975cf238fd71adec2a5c98195bfb7a9a86d888b80b79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn6.votarenquete.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 13:38:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 15:10:14 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704208213604&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_QJeQSEy0pND1HZk9KJSiRPwgfOE8zg&random=2724938600&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704208213624&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dwww.app.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_UzF7LRUK77qd2CC4CgJvXVjkycJWHw&random=2245972879&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704208213632&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dhttps%3Bevent_category%3Dprotocolo&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_T4gHY595QJoq4D9y9_qCzcuuXlU5SQ&random=1262583433&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704208213637&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_oOW9_byBHCOkVPugyFTqJ0hmZMg7Yg&random=2415767161&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704208213643&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_GGa0Gwr0XHy44pmRawB6UI-zJ1FaeQ&random=3213992599&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704208213664&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_aRptp8tjd5Zw2iq3a530wugurO-GI059eqRlWi7QhVelyV_q&random=3862188945&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704208213681&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dwww.app.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_p2gZIvl5GQp9JZABCAvJeeytm37d5MSi4SmNP8ghMCuOLm5z&random=697981280&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704208213691&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dhttps%3Bevent_category%3Dprotocolo&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_DHa3PrKEXLlNQDGvRLelNOVI_yJtEZMbTXYqXV08A_BBfe6l&random=1825064082&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704208213700&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_p4b8bXIE4XpcWhOByKwdsEyV1uXgufc3J_lH4h5LDMfK5ZJ6&random=3931823829&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704208213715&cv=11&fst=1704207600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_W-QFv_CIz74xLIusVzhFCzu1J8w3yrHIDf3_4NVg-J2eTBiq&random=3014415039&rmt_tld=0&ipr=y
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
home-4-shape.png
cdn6.votarenquete.com.br/image/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image/home-4-shape.png
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/config.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
a358b26ef00f7e937fd9baf7269222496202ce0eb3f48614b40de678b3182c7b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn6.votarenquete.com.br/css/config.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:14 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645980
x-cache
Hit from cloudfront
content-length
6051
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQH9%2BmZGn7rXDbOivwEhZj7IzppflG41nlQnGdDutC0t6krDswL2N8NRTIaBpA56JQ3liuLQ88F0ybiCEddJJdxAoxQVCH2qIqzdDRwqn%2FRl7Q%2FFoBXtJvzCE%2FLqljyMq0xfqnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811ac00cbe202042-IAD
x-amz-cf-id
n_ubSj3ZSqzma6c3VSOJMto3jJGiicyH63jju5aUks5wNBC1xanfKQ==
expires
Sun, 05 Nov 2023 03:17:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 18:10:49 GMT
x-content-type-options
nosniff
age
593965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 18:10:49 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 21:48:15 GMT
x-content-type-options
nosniff
age
62519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 21:48:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 16:25:39 GMT
x-content-type-options
nosniff
age
254675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Dec 2024 16:25:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2FDE 		136 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f1cb4da0a757ac3935055d6da817f069175f428f7510fba000da662260a1c81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
45583
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:00:22 GMT
x-content-type-options
nosniff
age
68992
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 31 Dec 2024 20:00:22 GMT
fontawesome-webfont.woff2
cdn6.votarenquete.com.br/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn6.votarenquete.com.br/css/font-awesome.min.css
Origin
https://www.app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 09:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4938fc434947f57a79af6b9b403df6e.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD61-P1
age
6241445
x-cache
Hit from cloudfront
last-modified
Tue, 26 Feb 2019 14:59:12 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lquRyBBXsrWLa30wt6iGvtYXFcNX2ANFiPoDPklku%2FeTedCpthxxgIX7b58M08P51uPELF7ePGzhIAAtXr18NYDYYzqLnK4gqParkYowUkWzFdTZMiTqmojRfKku95UsMD1o378%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
81a0b272196b07f9-IAD
x-amz-cf-id
XD_JD822ZolL--ZgndzOUjD3tsQsUbFkN3aEnbZJ-7Fu2xlwkJScfA==
expires
Tue, 21 Nov 2023 09:26:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B4A1 		730 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=288130833&pi=t.ma~as.2120920013&w=300&lmt=1704208214&format=300x250&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214299&bpp=20&bdt=1117&idt=20&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=28
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59e8ad12b4bac2b2d58910f2a1e0a194b36426b0cf1905e29a7c5f801251880c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
362
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2604598953066762&correlator=3723474887946868&eid=31079925%2C44809527%2C31079959%2C31080057&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&iu_parts=21757894217%2Cvotarenquete&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C970x90%7C468x60%7C320x50%7C728x90&fluid=height&ifi=4&didk=342360424&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704208214386&lmt=1704208214&adxs=1130&adys=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=true&dlt=1704208213182&idt=554&adks=1592039126&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73181e5e5e7e3a3c4588bf0dd9a1b94c5d7e82e7f6b7bc5d6ede575f802f179c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17580
x-xss-protection
0
google-lineitem-id
5187012887
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138289294253
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2ACD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
expires
Wed, 01 Jan 2025 15:10:14 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2DA9 		730 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=3548294649&pi=t.ma~as.1184555942&w=850&lmt=1704208214&rafmt=11&format=850x212&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214473&bpp=16&bdt=1291&idt=16&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c074ad617a3ea40210fbc130391b88b76a81a519f22bca1977d4739a87c6bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 546C 		730 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704208214&format=300x250&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214522&bpp=2&bdt=1340&idt=2&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a240374189c0cfee648961e22170af4fc1f226d11b4d153a100910b635c5062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
363
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EDF3 		730 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=928&slotname=9391698467&adk=3839019563&adf=3537906732&pi=t.ma~as.9391698467&w=270&cr_col=1&cr_row=13&fwrn=2&lmt=1704208214&rafmt=9&format=270x928&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214544&bpp=1&bdt=1361&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88aed517c658ae00737eca73c1a38f78e180765add89904118bedf520e76e010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
363
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/aline-wirley-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
7bc7f37f61c6e04925175ad3bae04e63dc87643550c96bced48b217cde40a99e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 07:25:26 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2015088
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 10 Dec 2023 07:25:26 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoCUg%2BNN881zOUlKIMU1QOChSAHd2kF1nPtmkhwdLVqIuSZKkLsZRsqE9GrApiG7eTj20ko22pBPWZnFAG%2FlwXPOdD20D%2BaaOtYHIqxGY5WzvA5y65hRSrEFFfKAoteZ9hRo0xI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8333c1001dd62024-IAD
x-amz-cf-id
qzl7jBu-ZhoTYBMpxc5TENMVWHDd4wNGNOi62HRYupqFf2K9yBi-RA==
expires
Wed, 20 Dec 2023 07:25:26 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/amanda-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
8ff4a30392a3966fe5af95652920fef78fbceaa1f6a8c9f474c28af36de5cc08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645117
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoW6su938hTMiwBkEsW7kK7kNwL1OIMX0XcbInFcCVKDwSCOrzKFMGl7iaCSzqjWuPWCUS151bWiX1MdXJjdfv5bzYMJR7XdMsCchlQIThn%2B5eO%2F1gYNKQ%2BWvn2FoDBXSqn7UAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ec9bd585a-IAD
x-amz-cf-id
K9Yk3fbdDpXH5cZZ0-r6OSb_OLlxBHVnPwdMlyaEqLc0D9KD0e50_A==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruna-griphao-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
db5f08f71cb73a6d0b162b0e1e87d59d269e83b2ef414c2b1688ad7831340469
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2610850
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BHaaIkUrNPsuSetBlQMT7E%2ByQIBYfBBNkw85kF1PkNavyftfQTVNJ5AJGXKmDROsB%2FoyulGmxHh6oVunGhaeSJA8YJKQ2VW55COo1AUHJI3MYyw%2Bt58PgprehwaaHYO5gju3o8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf008eaa620c0-IAD
x-amz-cf-id
xuRHEfP9rA3cjQU2Y3vwM5xwDKzTegLYUG010Nr_dRvScHHyzz-DeQ==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruno-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
3f0286b191e52b5e7af22af3a3056958fa411c8a7861ec57eb4d5c96d39314d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645117
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTiPCkNYb5m8DD6XpBLWTLJ%2BMmm6ReXHxZG%2Bkd2u5juW1Gz%2BkkNMBQgCf8%2BQpmQsQJCT8ofFu0T4vpiiWUqYRyKpJto0qSGBLZEC6X78tAxjFe2g1%2FlJfOCYdFCfk%2BtAVMBDsf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ecbef81dc-IAD
x-amz-cf-id
nKu8aNElMauD9gOFjoFJ_lwLqwRAJlE4vAeDKL9_079irpzPyIsy8g==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/antonio-cara-de-sapato-jr-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
24e9ed9eab09216ff15ca9714caf4c6334d318b0997bcac6e72c5029d1d93f43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1683501
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7E71Lz4XHa6RkSKmZdWpuEfGRNh48MbVzO6rDE%2BNfjnXFBbXb8QAhAwj36Ecp1Ts9oU8rp9%2B7stYPA2v832n%2FlGb2PMMTnMBmoK27UOWe8hlDke5DM4BGOR4GtPCGrk%2B3O8OHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83536060bada5806-IAD
x-amz-cf-id
84-INE-UPbB-ndB_nPFBGGiWEt5geN-8z0sHxXEgzoS9GgJN5joKdA==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/tina-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
9dd5584140f2ec5ed5c5f39b20ba0800c742c6a60b621c97d972b4239fc6b1fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 10:33:46 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4768588
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 08 Nov 2023 10:33:46 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtuzqxXszgED408NsIf4TPlsEM0%2FZts8m2%2B%2B2Oavtua%2B6J41GCutXxJN5k8Aq4sFshSVAV%2Bh2DGookdeDHkiEqkWpI1Rjgf0PzVp6AlRGwqWYCjC%2FsM2L3FOYLby%2BpjuuD8Zfqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
822d28e0cf64818b-IAD
x-amz-cf-id
2s__d2HUUFK8VOma-zVls0wShfMg-8_uQdn-pXavmFPVjZ4aOEXviA==
expires
Sat, 18 Nov 2023 10:33:46 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/sarah-aline-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
59ba03a159f5d0adaf5cc34aa67bd34884b8fab72a1e351b296fb2308f77de58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:28:12 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5326922
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 01 Nov 2023 23:28:12 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ux4xDtn3NBjw95Y5mLsW2qGxSC0s3J5MKgW2jeNCuodhFuF4Zne5%2FSO1bw6pTW68td9dR4QnaucdKuF%2FoV4VWq1t8YVgYD08aR20w%2BKON%2FWPhoHi%2F4kNF5cyi9Hv4Cz581f7M%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81f7e9ae5d2a8221-IAD
x-amz-cf-id
DqJkSLcyyMsjK2ZCm6jtOEj1AXgfQn-fqftM2cHCgWOpg84ZxPVuGg==
expires
Sat, 11 Nov 2023 23:28:12 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/ricardo-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
3de9f5231882b16bddccb492d140b88a3b7b2fd80d36c3f9d382b821779515c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2610850
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVo7R%2FUDg8kd1%2FEX2rZasKKE8Qcx%2F1JUPB%2BEStqhDumAG6BZ82tYh1R3qIg6O%2By6n6BlLHe98i6C3Ulq4lWlzCHonggN0m15LzOItvjsMYMvcCBMuiLCEHFqREC7W0ymYlkR8Zk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf008ae6e20d5-IAD
x-amz-cf-id
4ktVE4Bf_PpupJDJ4ZVzAPT25XkJn8jOiK6U_Q7AWNFxOXMRHmeniA==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/paula-casa-de-vidro-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
347c1aa4c3fc3dfe7f611d1f237b919e6e500e0c5e582920d380d8d5b5787e4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2610850
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FThiwEWlgWtcrOwnwXSYb6%2F81E5g3qZzMNSRfjpC%2FWJZrYOI0oJSCm7VR4uq9QS%2BDzKko7SbHANbu%2BkfYN%2BXz2Z0XEIcUbOsEb2scX8EKcU0rVwflQoGeC76OEFcqQYT2MQdB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf00889642060-IAD
x-amz-cf-id
jXeMc6caACQy9K4USRLZ2vxH4NnDeot_cxrhSZLn8aEpKx0c5HofUw==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/mc-guime-bbb23.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
beecff1ab9cca2203c9e18df18f3146c174efdcc8ecebe6a5995a9a3039e973e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 00:19:48 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
5064626
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 05 Nov 2023 00:19:48 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB8SH22vD0wPBt8XjBOShtucHk70unP83bak%2FHPLaXVwZQaBq4KbKcqzFSbppmK09pZiREDJTYT494wKZcVuhzQ300TB79hfWZGIGzSLQmFazm8d9pYl%2Bhs85cYluWrwKj%2Bj75k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8210ed64ace8819f-IAD
x-amz-cf-id
gOr_yDrgN-56ZK9NImrOezQYe74Du3nHKKKdAcm-Mlp2EEbgDxy7nA==
expires
Wed, 15 Nov 2023 00:19:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame EDB2 		730 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=316346021&pi=t.ma~as.1184555942&w=850&lmt=1704208214&rafmt=11&format=850x212&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214517&bpp=4&bdt=1335&idt=4&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250%2C270x928&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=281
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cf5bfb11685eb7915044939b4ae7c8a9dfd4f8ff521d56e442ee7b8774329cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
362
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:14 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:14 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1730
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f3ed7ebffe4396-EWR
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 05 Jan 2024 15:10:14 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89c77d47c44dfa4ef63a1b3f6eede30f48983f2917fa080835e461c96cba5b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29203
x-xss-protection
0
server
cafe
etag
818 / 19724 / m202312060101 / config-hash: 12947993814115561758
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:10:14 GMT
pbjs-min.js
tags.premiumads.com.br/scripts/ 		394 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:14 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16493
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
last-modified
Thu, 30 Nov 2023 13:32:58 GMT
server
cloudflare
etag
W/"1da2391bb43c69d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIxWLDzkVTJ95AQ28OCJKFtViq78BXzqDeDf4hNmOsRAl2bJ%2Fu81LG%2F1hJHPKsQ45N3c5ls%2B3ZcWhHx9sU%2B5jddt8T24NGS4afiYLgtwtUd14hdMMe1QefL59PWTy04vxuH3XxIbQyLKhf7PGS%2FQH%2B1tsqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
83f3ed7f3feb42d2-EWR
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 2FDE 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 14:02:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 15:10:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2FDE 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 11:44:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
12342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 11:44:33 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2FDE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 10:19:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
17446
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 10:19:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2FDE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
30433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 06:43:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2FDE 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:34:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
84937
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 15:34:38 GMT
l
www.google.com/ads/measurement/ Frame 2FDE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaJzRXOKLvwY3Dx879wprjBdqDg1N0JMeK1poMiS4TM68cOMyM-AabRn-ahEtOz-V1ByDOX13v0w0dtTRo8igMIQIduw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2FDE 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:10:15 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 2FDE 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 14:54:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 29 Mar 2024 14:54:51 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/alicia-x-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
e15550e747885311c9effdb1722fbfae193d29eba419ec65122678c4add2f3ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:17 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645977
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:17:17 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScpKxwVQjEADO5aaZctndcGXCo2wOXB4zSHZHAvii9QXGA0I3xZgrGB4QybrxblaEO%2Bf0id0GvQxW3Vt6T73whFMCZ8OxRKjAh1%2BjP2eVVYhUpaGFBpQDi%2BHIHmMnvJpogPw2AE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ac0218cc482cf-IAD
x-amz-cf-id
v1d6dRRqo7Px0mpPJeURb-GI5fTVQXlYMiZtL0anq5ypWGKz8eXLsA==
expires
Mon, 16 Oct 2023 03:17:17 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/andre-goncalves-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
40572fd0ffc5ae5e4b0c0a7d8d048532e7c149cc9511b78503965e795bed1f25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 02:45:02 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
6265513
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 22 Oct 2023 02:45:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmjeJB7c1YULS9OmrnLVCMiD4nzypCIFcgjmVf%2BoF1Bn2lWkNX54dmUSN4S0zpAwbZ9UO%2BMwrPei6iKLz1tNyvIub78SGP7aVFhN8QMJo7FV186A%2F9gkuqCE2J6Hm67LBqbmg7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
819e66e4ee6b5a40-IAD
x-amz-cf-id
wdOqpk2QLLFXSQHnFsDZV61oU-4l4AvOl3i9Bx8rxA8ib3rOPWL6dQ==
expires
Wed, 01 Nov 2023 02:45:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/cariucha-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
6d9778bc3f894f02e1907f4e2c4caae7f442521ccb76376958ea06ca7d3472af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:55:52 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1196063
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 18:55:52 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPe4V4R3uLKYh5SPT%2FC78VjcIvaCODvnks1AmvGrr7tVwHtT%2FD%2F%2BJdvRmeCWY9uyITk8zdf0oL%2FOUPNWcPWBtJ361HA%2FgQiBlz43R%2BCcA11gpbpa5RJQbCveggwKNc00rErokbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8381dcc2db2f07c5-IAD
x-amz-cf-id
Xp08MkN834mGL4Y6WQdu37Yb5O5VPvKhANXaEzN5y7wGmNVJ1Q0gFA==
expires
Fri, 29 Dec 2023 18:55:52 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/cezar-black-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
d1384ae51e633ed5d189f6ef2383a0d23540c897cd21566cb70155ae8fb1e478
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:17 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645978
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:17:17 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XquNOBPtXb0AlnDRYa1R%2FA4wTaT4Gxa3rqU0AgImneA3exs0I8d2%2FXjFS3%2BpmTxnizinqu1%2BTYkdMBEkJzsmL0VUPVDOhzjYunguuzRKzQOtLZLWZ%2BGJGDJyOx1%2F%2F4f3BRA1tnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ac0218e113975-IAD
x-amz-cf-id
t1CtKXa9aAiN3eHAJiQ8Oti0iSU55EVmlJ8Be1cKJJQ2Ea-jxxLR5Q==
expires
Mon, 16 Oct 2023 03:17:17 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/darlan-cunha-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
3c31f594d2c133ec20aef3e2def5e3ab3f136c84d536972fe074040a3873933b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 02:44:31 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
995144
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 02:44:31 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12yTVZQr%2FoUs2Hg09YXuniWlM8DoZOi3UVVAX6neqFZfUTYf4hpnA00tE39F4jMtBQ72lW%2FFzWOWc%2BCDrKXbgplhn5RBY7475crkSxkgyJHRxgsUvrttC6RE8DoKNqzzcfVZv28%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83950600b867200a-IAD
x-amz-cf-id
nTxW000iuxuSOBIsa63w2tGY90OvoeSQZ1bz4R1sXMY3AVVpes3cmw==
expires
Mon, 01 Jan 2024 02:44:31 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/henrique-martins-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
a5c2728e77ced2a8d93431b63c328adfd0900eb8364c82552870de9da43a2233
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 18 Dec 2023 03:43:45 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1337190
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 18 Dec 2023 03:43:45 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIS9P1c1PaBY5EZFqa2hLxvvbZMwxSqze6HfLWYpgNHrQPtiZqQDHBdAiLDP8QZYtSReafLI7G%2BQCOMTlo3y0TZgHq%2FebrdQHJJqqlDeUJod8RzMdqovG3x%2BbTLObsq%2FcHofnFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83746741fd6381f7-IAD
x-amz-cf-id
mCrqZAF7gj-FQxInDZJi83nbnu7HM1sjsTfSYOKbct3Av6ntUn10VA==
expires
Thu, 28 Dec 2023 03:43:45 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/jaquelline-grohalski-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
d514665695568bb918c9c1265aa93e2542c9d3090ac1480dfee8468d2a2f8e68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 23:42:47 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
6708448
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 16 Oct 2023 23:42:47 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1alf6Wtz88sIfB9B4NJxbal2dbXiuVbH9kURIJGV0PSVmSB87mJ0MVMM3QTfaWXfaZWZ087ZQAvUaKrZG1kOKbgrUy98B3wvc2YSUcclOMldn5wRTs%2Fu9ZunTfPoiIJhy26zFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8174290bab275a57-IAD
x-amz-cf-id
CkRhPjRY9EcEnm99P3x3kPVWGFnnhlp4XrMvvub3YG7TgsErMOo-hw==
expires
Thu, 26 Oct 2023 23:42:47 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/jenny-miranda-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
ec35218519989e415ada36f932815d10628420e6d7c0bf2ac06d0e29ff980cab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 14:47:01 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1038194
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 21 Dec 2023 14:47:01 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuV%2FQ2Cipuu6q06RrMs1KvEiwp83s39lF049b5R35MzrvttGFWcAeXd08qtF%2BvaNqH1eNp%2BaToL%2FjS%2FIo0qJJmkjM5JtQzgANdyGIWoaQ5aAkQ38EvMzzypjicalKWec%2FDtzuKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8390eaf73fd75a21-IAD
x-amz-cf-id
P6GGKs3DBPT_D2VWtmv97ffUWEk-MceUoIwNuq7ZXZObuRi91-PgzQ==
expires
Sun, 31 Dec 2023 14:47:01 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/kally-fonseca-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
601b37db618f94ca70bd1d16390d3fea996fe6c956bee4a2a93d817dfc255cbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 13:52:34 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2251061
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 07 Dec 2023 13:52:34 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwlopHi4KQI0iQts0caF4xsLf4NQtEaAvAoKL9Fk%2BpE%2F4chO%2BRCFz%2BqfdXa4JCh5HkYvhUsaqbyilb2YWF9Zx14oxACAL%2F7vhJ26GFXKEOcsAQDV8d6vS1DxoD7xWBsORtKqqyc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
831d3ff59bed7f9a-IAD
x-amz-cf-id
-E1zumJ_Tr5I8SqsD0ENWL6NpY6f9FByHaYwkydzLmFksm-u5HA7hg==
expires
Sun, 17 Dec 2023 13:52:34 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/kamila-simioni-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
d2b62eac63a8beed205970c42627ef3fda865187eb074a15a22f9591bbc94b6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 03:38:17 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
2028718
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 10 Dec 2023 03:38:17 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLup%2FFx2RQXcQZj%2B%2BKlQbf3sxwjDC0ibAKhau9vsSkLxW8ejoHLrX%2FOneDWaN%2F%2BoTe1wI99aArVOCksQLBiu3%2FZSON9VnHhzN84RcnX2%2Bne6tYAtbJb8xIzp1DtqWNNjdsrXRjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
833274425df29c34-IAD
x-amz-cf-id
cYVdFf3x-zRafn-IDz6EhwiG9QNV-cdd_434hi1Nl9tCawFgnPDR6Q==
expires
Wed, 20 Dec 2023 03:38:17 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/lily-nobre-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
a36c24ae7ba241bba601ac4e528f763966998f5b13e533f3288e5ef1272cdb43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:32 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1683523
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:32 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDAfK41MQjeUH5J2xhL8nu1QYFKiRLOPvCwKl4fP8gzBWxPcYGc15a9nnN7gfBqszBpYwtO%2BxmqFYLKyXhz2YvAKl4zLBpXayfcRafmQ5InSxlf6qNqQQpA0TE576RTUmNrqeTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83535fdf8a5c07d9-IAD
x-amz-cf-id
hRTLSrEVTI4hDyMYK2bmxkpDpVzNthPg9bLxZ0Q-_xccTMRgIS7Qog==
expires
Sun, 24 Dec 2023 03:31:32 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/lucas-souza-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
087ac2cab95b209141be74e4b3a5adb057c721d2f2e77a4bbf0ad60a57d3ebb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:53:07 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1239428
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 06:53:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hL1hkb%2FosIkzmt7OPTJ1UpywLPxyq6HtH%2BI%2FZ0QiFprbJznnqdGmuxHVU7c1DKUT4CakMgcomMwumA9HeNYIuT5gwi8XgyrbNjS4MchUj1VK0e7FE73nkU0h29AIZeP0Hc83oGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
837dba0679bb9c48-IAD
x-amz-cf-id
z662M0qI6JyR8vUiv6fPetCH2jVtjPkQ2rEZYkiKzInqZ4ILwurcHQ==
expires
Fri, 29 Dec 2023 06:53:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/marcia-fu-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
9254ffe1310ecb839ed25a69e4cc751bd8e1ab74a964b4c91d67cf3964eae29b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 03:44:14 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1941961
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 11 Dec 2023 03:44:14 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUdd8FrLYsGYahSxtFVneOhQBXjURa14GsUJFAlTc4IsGVVli1FyrImqqf0ap6kcassCqPZV2t8gSz%2FNKdAOwNtzKWWLvxKQpJEa3M1pl5Xm6xsc1HsZ%2BVedwKvVxvdwLd2zQ2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
833aba5abbed2429-IAD
x-amz-cf-id
IvbmkaNtxiAuFuOPHEdY_fw2LeZTxMkmjyW-F1ZS8RmRYoeCv-WH7g==
expires
Thu, 21 Dec 2023 03:44:14 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/nadja-pessoa-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
576868c925dedc43d47345bd0b908e1668e1c041a612cdbeecaf0d88d7a9c439
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 08:48:13 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4083722
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 16 Nov 2023 08:48:13 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XIgilqO0FjAUcW0y7DDWbEr2J2rIa3rb9dIgYAovCwSG3HwsXK8HM1Tv%2Fa6vVQsN%2FcnlJL5a7efpZuNIoxlCsPHY%2FIWdE8%2BkGpDpn4H5btYs4yKxu5sj3973w9betAJYMh3fug%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
826e79464c9e81df-IAD
x-amz-cf-id
UQM2Vq6g5B3whzOTaj7BwnwR8R6MYlhR9h0GelN_G-qFOU6edo66wQ==
expires
Sun, 26 Nov 2023 08:48:13 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/nathalia-valente-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
0c2bdea3699a8538b5e8cfa72687e278626ac46810f37efd8ee2ad9094fd7beb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:53:07 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1239428
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 06:53:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUVcj%2B8abDEJGeDHMX8GMUvl%2FuNKgAvff1ietS6or9mqDB0yvkxFlZWzuF2%2BD6KPJdXwkxXKrCHLsDNEzr4e7IetNVd%2Fx5lQKCWU8f4uDfHUvzDlNRAyF6AI7RPwfiElja9AX7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
837dba06a8413b95-IAD
x-amz-cf-id
8P3dr99KX2JLWlBLRRnflm6T4T-by8ElLNgQQ6vOWcWObovUwLCy_A==
expires
Fri, 29 Dec 2023 06:53:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/rachel-sheherazade-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
25fdb817b24a548c69cd32f1420fb6a4e20a0aaf760b88c9a3179023a7432396
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:39:19 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
991856
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:39:19 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMbXcn%2FQXsdOygBm7SBLqy8lPvNpuWjGnKgsGHsJfPeFjZRWBri5SlC3o2ss0AhU4L1TaNY4QBSfTecW7L1mVdchj%2FIMhDvb26a%2F3gmXZvoEjkJIgjkkCTevW%2BZiHr7b4Pba1%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83955648e8cc82ae-IAD
x-amz-cf-id
_UrZkDLyd0p2UVyVrNW8HQySENtkXG1YjK8Kf_oyvKQVQ2RGKSsw0A==
expires
Mon, 01 Jan 2024 03:39:19 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/radames-martins-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
078fb63c950a96d87ef24f2e116dea03aca44344d7fd55a34d649086564c684a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 11:53:49 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4072586
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 16 Nov 2023 11:53:49 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzYtCj1zeKF0cCA0weLSGAQeqpYLGW80pDwgtFvg05QR3lpAWcLFQgd2nlsUCfJGEW3tXxNcX%2FNrmWhB%2BPR%2FaRqetG5xIzLAWeBgXcJ3iybu2JNhcECcnlI%2BQhoSAhb8CrFFIE8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
826f89256f523af0-IAD
x-amz-cf-id
ZZVoP53rVO__VGJH7EMKVIbaRcZJQaszKHL0IIPpAKHLBEEJQUPA2Q==
expires
Sun, 26 Nov 2023 11:53:49 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/sander-mecca-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
c6dbee1e15950de3f157c5074a3696c09914c4b31a7db5d5b8be692a17171046
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:31:52 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
1258703
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 01:31:52 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqVh4ZEmLWgotcV2ilW3vwhmjeZtQZ1cyFsajONkbXOYVe9D4yUlSf0JOm0Scxq4u25Kt%2BHKrSby4IXT9x2cckwGM4qGeDOeATT00ostlTmYVow2scQZy2TqWp78y0AtoBEJaTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
837be375b8232051-IAD
x-amz-cf-id
dpf0bbLznE7N4qTZZuN-KJbfVrko0uE1Dmbx_AONui3FEeJ5hr9Rjw==
expires
Fri, 29 Dec 2023 01:31:52 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/shayan-paiol-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
c05e5b8993e3f1de70c94fb5864edd970728bc72422dd29878287881e1bf529d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:39 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645956
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:17:39 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2u0twUHRtDjEPKtFZB2DJAMtykR%2B1PCqbB%2FTltIRMWqAip%2FlxXu5hQFcs4E7GBVUD0MspfXEPpfrKEvSmYAs5vcZXA8Ln5w5pxajapKZEwhxMOp5j0ATiPwM%2FbmiYw52vPrDwZk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ac0aaac9b2015-IAD
x-amz-cf-id
SaZ9OHGcvFLLZXnGbxgQd6rQz2zHxHA0b0vex_sMFOEFGSTlopZRNg==
expires
Mon, 16 Oct 2023 03:17:39 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/tonzao-chagas-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
2fda69f83698c870c477234b9495b934eae216985e3bf1568bcd689a7374d8f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:39 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
7645956
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:17:39 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRTuxnp0QYJ4%2BbIQhZaXG25V%2Fl%2FIMaSyo3hzH%2BScDekwcN0hFaxOC6NrF0E5GgNjcwbipQKMN2nGwonGaDXjSBE6QATVjobIO7cJM%2BNEku%2BusLinxRKr1SCFkf%2B4v7zIAx1zVX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ac0a9c9042d0c-IAD
x-amz-cf-id
zFHEBLFUFwS3LSp-FpYmyPBodT1M4utlPhzGaU3xiDflZ4GYGN7nPw==
expires
Mon, 16 Oct 2023 03:17:39 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/wl-guimaraes-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
e19c6f2ae2b4e3b5caf5a583f94d4eb9e95505c75be11fc528639c6e108f607d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 06:38:23 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
4091512
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 16 Nov 2023 06:38:23 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0go56BrzQsWusWJrK1%2B5y2HxINqB%2B5FPq32yUN%2Bu%2Bc%2B1Mz9R2Gb6Sgr9uESG%2FwoV1Y%2FhXAMslVB%2Bt2kQePf5ShFIw5JxZm270xDDJDxSLDZiVn2xEPYfYWM6kISZgx4hpzTJX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
826dbb125ba113c7-IAD
x-amz-cf-id
URey8zYyh76oFPrtiNwAVZV1hNNgpSnfWiHaG_qnHuXRdvwvdovFFw==
expires
Sun, 26 Nov 2023 06:38:23 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/yuri-meirelles-a-fazenda-15-P.jpg
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.103.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-103-34.iad61.r.cloudfront.net
Software
cloudflare /
Resource Hash
bdfb63a8bc54a1f786116dd76df21fed408dff0ab65577958009741f9762680d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:39:19 GMT
via
1.1 2c36186b512068f67b05531ba050ed00.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD61-P1
age
991856
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:39:19 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5jgUrvFg0L9wcFgXyP%2BfOtT08QKwbHNHXCWE%2Fq1XQGBrWvqUgeRHTst6%2BhZ%2Br0Qe1hZcFPx%2B%2BhqNmFLGzzTnmFvE2gNUNVKLIPQ2fgnbcNn%2BSAIyiHbjuUna5q%2FsKDOJ2mGW6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83955648e9bd9c16-IAD
x-amz-cf-id
RC82Dh-GeAiiVFNH9-MrD97O-_06LlqcoUtp_ebOUgrI_9panA-beQ==
expires
Mon, 01 Jan 2024 03:39:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 988C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9XCLdBwHFqALewJqbX8kE31wr7wQuver4GZc5pPig-nN_JxBDNvID68yr99KepWdr1cTekqW6d1c6wp1LyYMmwLjjmw3wJl5fi1I1dUpLqCmSSpyGi6p_knMAtoBcpFee4hCzWD-8H2ZtyEOa4cXGBwlSPAQdUrtXj0HsUOZzoLV7IEFbqLcReU3SrfV5BrVl3bqeSvRatHReFJ4ueFi3GjW-24sMR8I0OFVJG3DEoXWp4CS_uw998LHTed5TwQbS34Fzjeafv1ijH1i6Fo02Rat_v6EKknGo2UP_qp6QQnnLhgPl3rLPznQcOCyt3NwpN_jE16gjwA6dn5kWVr6822CpkDVeZc4wOO2cUXuGywhbba08EZuh9I7ormWmYwju2jTonzry86HA9nyt0W4&sai=AMfl-YRNNrPlqXPoOHfpH5E2LSPKW9oPxahXGrVnmNzjsO9GLIC4QpYvAOHwK4v2LZ6npHSfnYjR15FmhGak0rDvaXgJ3syQ8aym8JWK_AFOvpmgHOnUA1badQ_krC4P1A&sig=Cg0ArKJSzHWSLzoPUW8aEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 988C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
30433
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 06:43:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 988C 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:10:15 GMT
2074433347155045863
tpc.googlesyndication.com/simgad/ Frame 988C 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2074433347155045863
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
129276a00b127cbaeffb739b9a04904059a1368388f33cae90dc90385d1cbb23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 02 Jan 2024 15:10:15 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22892
x-xss-protection
0
last-modified
Mon, 30 Sep 2019 23:27:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Jan 2025 15:10:15 GMT
l
www.google.com/ads/measurement/ Frame 988C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQqya7Ru9eDiUGk9Rc7wd3oJN3ZVXLQh7kyxqecw39_84hlK_KNgDl_ADXomXxRGdez8zt5AVo_u_zOydVIMxIl-cYtbQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
truncated
/ Frame 988C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba5e42adc547e443e055c39d421a8955f97c8cd4f726383ce0c87f09779134c4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
collect
analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704208213212&gcd=11l1l1l1l1&dma=0&cid=943506077.1704208213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&sid=1704208213&sct=1&seg=0&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&_s=2&tfd=3258
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/189f3c55-1eac-49d0-ae7e-39bc97956f60/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/189f3c55-1eac-49d0-ae7e-39bc97956f60/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b846f992fafe62de5c30a2305e18015762c3ad534d21163546b616290c4d8209
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
f2c7cdf3-e049-4aeb-9dfe-e82fcd3b31e3
x-runtime
0.030942
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"b846f992fafe62de5c30a2305e180157"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83f3ed813be74396-EWR
access-control-allow-headers
SDK-Version
expires
Tue, 02 Jan 2024 16:10:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0DC4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
46401
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 02:16:54 GMT
etag
48472445140208031
expires
Wed, 03 Jan 2024 02:16:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
14763004658117789537
tpc.googlesyndication.com/simgad/2081322153405347884/ Frame 2FDE 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2081322153405347884/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dee4776e1767a62698c3a99a1c8c0319a0d1295f001996371fbb2998eb846f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Wed, 01 Jan 2025 13:02:03 GMT
date
Tue, 02 Jan 2024 13:02:03 GMT
x-content-type-options
nosniff
age
7692
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27682
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 13:00:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 2FDE 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2FDE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
id.navegg.com/uid/ 		16 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.navegg.com/uid/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:e280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
vary
Accept
allow
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
cf-ray
83f3ed830e15434f-EWR
access-control-allow-headers
*
content-length
16
access-control-allow-method
GET
fastlane.json
fastlane.rubiconproject.com/a/api/ 		463 B
1021 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=96324&zone_id=2050442&size_id=2&alt_size_ids=55&rp_schain=1.0,1!premiumads.com.br,c5f23a3b-3ee9-44b5-8574-4c24c1580399,1,,,&rf=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&kw=bbb23%2Cbbb23%2Cbig23%2Cbbb2023%2Cbbb2023%2Cgshowbbb%2Cbbb23votar%2Cenquetebbb23%2Cenquetebbb23big2023%2Cbig23%2Cbbb2023%2Cbbb22%2Cbbb22%2Cbig22%2Cbbb2022%2Cbbb2022%2Cgshowbbb%2Cbbb22votar%2Cenquetebbb22%2Cenquetebbb22big2022%2Cbig22%2Cbbb2022%2Cbbb21%2Cbbb21%2Cbig21%2Cbbb2021%2Cbbb2021%2Cbig2021%2Cbig21%2Cbbb2021%2Cbbb%2Cenquete%2Cbbb18%2Cbigbrotherbrasil%2Ccasavigiada%2Cvotarbbb%2Cvoto%2Cvotar%2Cenquetebbb%2Cbbb18%2Cbig18%2Cbbb2018%2Cbbb2018%2Cbig2018%2Cvotarbbb%2Cenquetebbb%2Cenquetebb%2Cpared%C3%A3o%2Cvote%2Cbig18%2Cbbb2018%2Cfazenda%2Cafazenda%2Cafazenda15%2Cro%C3%A7a%2Crecord%2Cr7%2Cvotarfazenda%2Cvota%C3%A7%C3%A3obbb%2Cenquetebbb%2Cparcialbbb%2C&tg_i.domain=app.bigonline.top.enquetebbb.com.br&tg_i.page=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&tg_i.pbadslot=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&tk_flint=pbjs_lite_v7.54.5&x_source.tid=0d8548bf-6051-4589-9a44-3fbd93d5eb68&l_pb_bid_id=2f229cedcad82a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=0d8548bf-6051-4589-9a44-3fbd93d5eb68&rp_hard_floor=0.0619&rp_maxbids=1&p_gpid=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&slots=1&rand=0.6974181166938125
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8d972d00f01af3599d734288860c80b46a626ec9eade36e3b6261ccfa0a20295

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
463
expires
Wed, 17 Sep 1975 21:32:10 GMT
3946375
bs.yandex.ru/prebid/ 		0
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3946375?imp-id=1&target-ref=www.app.bigonline.top.enquetebbb.com.br&ssp-id=10500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:16 GMT
last-modified
Tue, 02 Jan 2024 15:10:16 GMT
x-yandex-req-id
1704208216063998-669091724143938213800272-production-app-host-sas-pcode-212
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 02 Jan 2024 15:10:16 GMT
auction
tlx.3lift.com/header/ 		19 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.5&referrer=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
174.129.160.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-160-16.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUM45834
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
25e7647033be574917f1c7cbabd9a7904d2a86ffa207cbbf2a815bf222af8dd0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
20
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 15:10:15 GMT
cdb
bidder.criteo.com/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=74140852241&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
date
Tue, 02 Jan 2024 15:10:15 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0a6dfa0d3738f6f7c8db76d2e046e54a1b1ea824a6527c750634a086be2d19e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
content-encoding
gzip
an-x-request-uuid
8b44e67e-563c-4a0e-a6d7-f92bb5ab3705
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.132; 5.181.234.132; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 988C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7_uztVwyKNugmLEGxNMZ4M2Blvtj4agXQYcAiy_NjfeHdr9eYSUyBzMZ7-R-vpZTF4iw01XueVmKDt5mi1LIp5AN_KYRGyGvT9x4mClzU0L8yNj6hMKmnVFIfU0HoJss8lK98bRkw_nJiTD6n9VElcOkYyDF_6-2WhmNKzKyHkEUxa62G0vrYqs9fhiGao7oUW3yWyGUZybakL_eL5neiigSjdKbkw_g93E9sI_EgBM0m3BOhjY4kdIWLFAlgdw89oa_N4G6MhHWe-ICJUIPnQWOcKW7HYgudV2WOrcSpBw3yBTok1JaJIZZ5L45XsMW1ATbekIU3xlUA1h98L9Rj0xFgojk8sXfAGfaJp6GOp4tVh4e17S3m67IoluOQpLDgnry04LSPoEH8tGXCr-0Fsw&sai=AMfl-YQfLFgYjfiONT0OO98U2daLgolisBW2inA8GyGBMItN6j48Voehcra-M_wkFr5wAKZHW0HtWjvHUv4QJg7nJA2eA_ddirZdVowXzlO-CJwj6owSgKLYpG8S-N2Yjw&sig=Cg0ArKJSzDhWOJnXYQpgEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 Jan 2024 15:10:15 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704208213212&gcd=11l1l1l1l1&dma=0&cid=943506077.1704208213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&_s=3&sid=1704208213&sct=1&seg=0&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&en=ad_impression&ep.query_id=CLrZ-qn-voMDFdDo4wcdWL0M2w&_et=1565&tfd=3596
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2FDE 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc2aa58159c56a5e60feea9cb95b6bc6110f8dc824cf6ddfcbae0f4f86199d5a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 0DC4 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOI-cJuadE69Sn96gO6fIfY&google_cver=1&google_push=AXcoOmQcV-grvrZoDYU3zFgA3_U-uicdG3SJZoz_7X8hMRfpzU8MjdZ81VgpsdnQXjwYYKCONtyWH6jZPNSSNbsOlLwgvYf1OP9Jn-s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 0DC4
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEN5-lD9LMbAsqEPi5gYLi-Q&google_cver=1&google_push=AXcoOmRfK3_b3AgfmXq107P1Jm9aUv7FaYgn6VEMQLSk9cSsc0L4UB7Ejk8c4IhdoCsqrbWdKc9ioElX42lH5nbp...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qZQvkVZyQ4wBddhkhWtLKQ&google_push=AXcoOmRfK3_b3AgfmXq107P1Jm9aUv7FaYgn6VEMQLSk9cSsc0L4UB7Ejk8c4IhdoCsqrbWdKc9ioElX42lH5nbplFWoz7_VSdo77FM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qZQvkVZyQ4wBddhkhWtLKQ&google_push=AXcoOmRfK3_b3AgfmXq107P1Jm9aUv7FaYgn6VEMQLSk9cSsc0L4UB7Ejk8c4IhdoCsqrbWdKc9ioElX42lH5nbplFWoz7_VSdo77FM
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 15:10:15 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qZQvkVZyQ4wBddhkhWtLKQ&google_push=AXcoOmRfK3_b3AgfmXq107P1Jm9aUv7FaYgn6VEMQLSk9cSsc0L4UB7Ejk8c4IhdoCsqrbWdKc9ioElX42lH5nbplFWoz7_VSdo77FM
x-host
tde-deliveryengine-production-59dc4ccdb-nbf9b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0DC4
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESENvy83m9hhER0nv04uogoqM&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Y2Q0MGJjNDMtYTU5Yi00M2EwLWFhNjgtYzJjY2ZlYzkxNWE2&google_gid=CAESENvy83m9hhER0nv04uogoqM&google_cver=1&google_push=AXcoOmSS...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Y2Q0MGJjNDMtYTU5Yi00M2EwLWFhNjgtYzJjY2ZlYzkxNWE2&google_gid=CAESENvy83m9hhER0nv04uogoqM&google_cver=1&google_push=AXcoOmSSsWlLq9U7Gbfz9Pr_4bAV1jYS3cywMa-pNNXq03iVZxchMPvqqv5FwIUySplkuecH1QWZUhObQTIDn88pRvu19CpXGza-kDjo
Protocol
H2
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=Y2Q0MGJjNDMtYTU5Yi00M2EwLWFhNjgtYzJjY2ZlYzkxNWE2&google_gid=CAESENvy83m9hhER0nv04uogoqM&google_cver=1&google_push=AXcoOmSSsWlLq9U7Gbfz9Pr_4bAV1jYS3cywMa-pNNXq03iVZxchMPvqqv5FwIUySplkuecH1QWZUhObQTIDn88pRvu19CpXGza-kDjo
date
Tue, 02 Jan 2024 15:10:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 0DC4 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTNI1yYk9iu0JoxiO6nXxbT-9P3OaP0ntHWunXQDnF86zAz96CJr7IaVe2wXzMBBC_061zIz4O6u4tVlySXOuh7kxDwWPiunSjO&google_gid=CAESEBDZHB6vUvFUejsp589W-r8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:14 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
164709
expires
Tue, 02 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0DC4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF5-67gz14pQA1O0Abxs6nU&google_cver=1&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEF5-67gz14pQA1O0Abxs6nU&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6wfdXvym6bh400uXaCAq&google_hm=cUpJb19MNnVvUVk5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6wfdXvym6bh400uXaCAq&google_hm=cUpJb19MNnVvUVk5OG5VazFzS2I=
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:15 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTKQRIlqZG6OatjvZV9H--wRvURA0luJSRMqsWMpgXE3ZFBG3bBdUYdFluzCn6bQHBgzGTSGmC34AXh6wfdXvym6bh400uXaCAq&google_hm=cUpJb19MNnVvUVk5OG5VazFzS2I=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
240
Expires
Thu, 01 Dec 1994 16:00:00 GMT
report
sync.teads.tv/um/ Frame 0DC4
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEK0JN6qbgdQ7...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MDI4MWVhNmMtMmI3NS00MDk5LTlkNmMtYTFhN2ViMWMwZTBm&google_push=AXcoOmSxrHUtMPE3NcNMwgA5gs8j8jhsB0LWLfX_d0cicLEpkWCJQj1Pr7fIRE2Ns6yog...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.209.57.154 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-57-154.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Tue, 02 Jan 2024 15:10:15 GMT
pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0DC4
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEO7Y1tqLTHejoAdotbzcA7k&google_cver=1&google_push=AXcoOmR6N4iGWjR1JpwqkZnmy4jYPN9MHw4kmUQFkTM76i3e29FnJQdvdIFcE_zI-xr...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6N4iGWjR1JpwqkZnmy4jYPN9MHw4kmUQFkTM76i3e29FnJQdvdIFcE_zI-xrrQVrHCY_c2tEHfM9FWo24edq8dXetQ1x5DNJVWw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6N4iGWjR1JpwqkZnmy4jYPN9MHw4kmUQFkTM76i3e29FnJQdvdIFcE_zI-xrrQVrHCY_c2tEHfM9FWo24edq8dXetQ1x5DNJVWw
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
1df8debe
date
Tue, 02 Jan 2024 15:10:15 GMT
x-bytefaas-request-id
20240102151015D23006BEECC1B39B94C7
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240102151015D23006BEECC1B39B94C7-586F7794D8BA12CE-00
x-cache
TCP_MISS from a23-222-12-7.deploy.akamaitechnologies.com (AkamaiGHost/11.3.3-52668873) (-)
server-timing
inner; dur=101, cdn-cache; desc=MISS, edge; dur=1, origin; dur=103
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240102151015D23006BEECC1B39B94C7
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmR6N4iGWjR1JpwqkZnmy4jYPN9MHw4kmUQFkTM76i3e29FnJQdvdIFcE_zI-xrrQVrHCY_c2tEHfM9FWo24edq8dXetQ1x5DNJVWw
x-bytefaas-execution-duration
99.35
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
0180e0563fd48d5bb1dbc36bedbaa7d7748c623e3a181ba50cb88f6aa2bcd5e704859dd690900619f33d91cf57a8a6ee9be83bf77b395b3762dc816857b71149095e425c0eb458523cfa038675f05a41fab75d765600dc9b38bb3761d01036b7f5
x-origin-response-time
103,23.222.12.7
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Tue, 02 Jan 2024 15:10:15 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0DC4 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZ5Ey51rW7nrLbQ4oCL8NZz12xLW_4t_Gz5eDAQmKWbrgNDr3JTkkuWKQY-XnO018fwA00HKY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704208213212&gcd=11l1l1l1l1&dma=0&cid=943506077.1704208213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=kAAI&sid=1704208213&sct=1&seg=0&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&_s=4&tfd=3728
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2FDE 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 18:54:55 GMT
x-content-type-options
nosniff
age
504920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 18:54:55 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 2FDE
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cs_24VieUZanKEqSpoPMPpu6pkAn_pefUWorvzrXuCvjohsCRGRABIOemhGNgycapi8Ck2A-gAdCez_4DyAEJqQKDw1EVf3ayPqgDAcgDywSqBP0BT9AYFKzoHDoq3lIDDsUV3UPuJtLcmId...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x69001c92f8b62720000000000000000%22,%222%22:%220x9d8bd323d81e44360000000000000000%22,%223%22:%220x88395e6...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x69001c92f8b62720000000000000000%22,%222%22:%220x9d8bd323d81e44360000000000000000%22,%223%22:%220x88395e689bcafc820000000000000000%22,%224%22:%220xcd0f04a78c3c611c0000000000000000%22,%225%22:%220xd54ded041d0bb16d0000000000000000%22},%22debug_key%22:%225010685143751368907%22,%22debug_reporting%22:true,%22destination%22:%22https://localoffice24.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070845776%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22225291056484623361%22}&andc=true
Protocol
H3
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:16 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x69001c92f8b62720000000000000000","2":"0x9d8bd323d81e44360000000000000000","3":"0x88395e689bcafc820000000000000000","4":"0xcd0f04a78c3c611c0000000000000000","5":"0xd54ded041d0bb16d0000000000000000"},"debug_key":"5010685143751368907","debug_reporting":true,"destination":"https://localoffice24.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070845776"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"225291056484623361"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 Jan 2024 15:10:16 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 Jan 2024 15:10:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x69001c92f8b62720000000000000000","2":"0x9d8bd323d81e44360000000000000000","3":"0x88395e689bcafc820000000000000000","4":"0xcd0f04a78c3c611c0000000000000000","5":"0xd54ded041d0bb16d0000000000000000"},"debug_key":"5010685143751368907","debug_reporting":true,"destination":"https://localoffice24.nl","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1070845776"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"225291056484623361"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33ab8bb5e53bb6e27d876495d09f98a116cc192093ea383e627491c40b68a79a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12235
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 1431 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704208214&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704208214225&bpp=27&bdt=1043&idt=27&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7012497238303&frm=20&pv=1&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C95320869%2C95320884&oid=2&pvsid=2604598953066762&tmod=1515207609&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=37
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:07:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
3754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 14:07:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 15:10:15 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x69001c92f8b62720000000000000000%22,%222%22:%220x9d8bd323d81e44360000000000000000%22,%223%22:%220x88395e689bcafc820000000000000000%22,%224%22:%220xcd0f04a78c3c611c0000000000000000%22,%225%22:%220xd54ded041d0bb16d0000000000000000%22},%22debug_key%22:%225010685143751368907%22,%22debug_reporting%22:true,%22destination%22:%22https://localoffice24.nl%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221070845776%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22225291056484623361%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 15:10:16 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704208213212&gcd=11l1l1l1l1&dma=0&cid=943506077.1704208213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&_s=5&sid=1704208213&sct=1&seg=0&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&en=ad_impression&ep.query_id=CKnN8qn-voMDFaQUaAgdJncKkg&_et=84&tfd=3979
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B45 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
28530
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 07:14:45 GMT
expires
Wed, 01 Jan 2025 07:14:45 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1601 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
174c0e3c6a3d5d2c38065fe2beb7e10c00302808f851552540e8c856606524ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XQfdB32F8Xz_ppd9nc2PJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XQfdB32F8Xz_ppd9nc2PJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:16 GMT
expires
Tue, 02 Jan 2024 15:10:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1601 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2604598953066762&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6B45 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:51:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
1143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 14:51:13 GMT
generate_204
tpc.googlesyndication.com/ Frame 6B45 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?I8-1nw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
securepubads.g.doubleclick.net/gampad/ 		389 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2604598953066762&correlator=3723474887946868&eid=31079925%2C44809527%2C31079959%2C31080057&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&iu_parts=75894840%3A21757894217%2CENQUETE_BBB_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=10&didk=3492932515&sfv=1-0-40&fsbs=1&sc=1&cookie=ID%3D2c422f06042f1f3b%3AT%3D1704208214%3ART%3D1704208214%3AS%3DALNI_Mam5TtDo-sAkGCXPKTdMpk5MDgtzA&gpic=UID%3D00000db0485054bf%3AT%3D1704208214%3ART%3D1704208214%3AS%3DALNI_MZZ7NWDSiKb8PmYeDuSb2XWo6HCbA&abxe=1&dt=1704208216198&lmt=1704208216&adxs=315&adys=1245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&vis=1&psz=1000x-1&msz=1000x-1&fws=516&ohw=1600&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=true&ga_cid=24468801.1704208213&dlt=1704208213182&idt=554&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.30%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.08%26hb_adid%3D13c0bacb9fff813%26hb_bidder%3Dappnexus&cust_params=url%3Denquetebbb.com.br%26categoria%3Dhome&adks=2440819915&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30ad80a600b73262c78de8ec983ae03d362c526589332ad482353bc4306bd7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2FDE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOA7poCNpW5r_BT2hUuj5J-SLkjAZK-Pv0mjTp6ZMeUF_JbvO9-Jn77CRDNKoJA0pqcQHaxN1KOgwrM2eKKyWaNqyc3yxjp3w9ugzi6aWrIsnM2DCAMglqEHyYxlr0c37YhEfJgspAglxflv6Q4euIbwqO&sai=AMfl-YQ51_fcErApoWtsRt8gdSn1RKMQM9lZzcHjwGr8nzsuXhHMRR4fDPyL4rm00XRJarcmRg0KS0CNBKUm3w9b59BlD8MB4GfFmqIuBzp5bS_rpmozMkrqPEnWgJko&sig=Cg0ArKJSzNjdNFMy74TlEAE&cid=CAQSPAAvHhf_LnWF2K8BhinzIL1cjFkBOPhY0Gnz9sytepmyOW9r8UzXtDXB2Un3i06eHcqBjo6Uk7qqjAT_PRgB&id=lidar2&mcvt=1000&p=0,0,280,1170&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=597137813&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704208214276&rpt=1385&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2604598953066762&bg=!V1SlVBvNAAY3kmNgF5I7ADQBe5WfOB2ZyAdFSw_EGqPUWe-1WYKgjT1XyIer0PxV0h4hE77btxEkaImwyQRG3tYXSU7xAgAAAMFSAAAABGgBBwoAUerXBlwbf-8pmEEC9J9q07X8lo-X3DtxS6k7tEZ2uxvlS9UeW3HgY77rvTOmWvOP-laGnCBKjK4sE4CKkZL6eEyT-vA3Jjpj0JoyKorBzYKsdJkDFRkQwIF2LFKNJNRcWzSqUVwKE2yumgApCD_91nIb1VTLn5cXVjS6f4Rwmb-LCzljPLs4N7xucFuxy3R26jfAhwyyVNLIfAZFuqQHiQVEYjlJZMWk0tQsttqUR_9s4EUtawwJwMKw31KE7Zqb9pE1Zolj-8hhnCvYiPIDnS04zeoZ7OVGy1ROEUIxtwvmF3R3H3OMh6NDMwWoWx0-Vo4Y7aZDIkcE-xf9Vh8AmAaAC6Wpw-PGKup77XIVgrxk6GnzZqO2V-GUWuECa3MAp1TW16wCZoaCywgS307jGKBcBBTwCerR5H_8qLwoS8DiZ4MTBs3xBiOlq-DM4Hkm5OSC3VgqaE9gOeW3JTUAbtSbkTSys_BGjogao3jgPmI4iuBODPWaQhlPou4nGDTK_1ZDgllNZRQcMJTQyyqn8XbtwezGCEzsggIQmFPRq89wB6Fh_iJM4qFmi7TQPnuZIte9Biz8RObBsZ1en28vpGB8NBS4XXDiJQmO1BbffZPFOnT3O3LQQnxd0l1tUjo7654_dmyZWs5BAZKsm9eqfb6dBWoFku7XYYoeH1bA_HW1PlJEWT696ECv6kbxEsEfGYFhsozcjDImun_JvA5t-fooSmPdDUPEJfGNBlLuJNM53U94j02SlkoY69eXugIIsclnTFlSQGDgdAI2e0liedxaZJ17jsH95wm1VDc49ZFvmdydtMYsVIdWzrk6W5V1swXPm2nlX9cmvaH6s3uA3-GYvMKqGEDqpk0sRsoDffX5LXw6rp8M5240jmDUEGCLJhFjcXUp_mt_db1q1Dn1V5dvB0e9-cg6rw9IE27XYsYJVS5UAngM4vSzvqDrcibBoMBwyGFPzjxhEQdqYoWsKyH97MLMEfCs2dPfPfQfF1NvZ_2lEY3MGuHBEk3rgcr7ypEOW945hjaRe9w8tcq4G04Kq_Qc0zGFmSLYRLgQK350asXyrc-AMCYVHczgkH489f_PCBPRphzk0idkJKDzBAj3FQK8RkFTEXmnFwgjyrGU34mXI0rKyEkGunBavtqevqynYCHrS7GCZQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a6116a5a8278497c8cda48e4a8957ce035b6d09b47a79e7eea58c245e2b53ee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 15:10:17 GMT
content-md5
IOBu0Ao615wQRK4NyYl2IQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
x-fb-debug
J5FenCuJhs/QNVHetnJpoFUfDtpDJRR3/m8xoXReY+1aFPbtttDWzAta2RN6w+b4UICRl8ex8T1enzCfq9X4tA==
x-fb-content-md5
223ba9b353aa01aba22ba983ff6c2836
cross-origin-opener-policy
same-origin-allow-popups
etag
"b6e712011656ff30accd8750787a5cd7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
1
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:17:33 GMT
sdk.js
connect.facebook.net/pt_BR/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=65f246afd1f00f0dceedba33bc53277c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fc9a044e1a485e8b096cb51e1df341b9894eaece7e01b1aeb15e3eab5da7806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Origin
https://www.app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 15:10:17 GMT
content-md5
OC1MG6y3cjaLIvr4kJyocA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88335
reporting-endpoints
x-fb-debug
aq9SvmfjPO8GAkAHSg4ERlfIOu5idnZZJPdf9LOAwiJ26XdTqeEqd24ZvaMyKgO7RB9diZlLIvuvSJdutSLrDQ==
x-fb-content-md5
0f15429244a84c488e9bab3df66d9a7d
cross-origin-opener-policy
same-origin-allow-popups
etag
"4c6ef575a32f4772387bb733c463e527"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Jan 2025 13:47:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUM45834
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
039d91176ca6763d27e628f8e20c7a4790d19c82cdefdec5047f3b891403cc83

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:17 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 15:10:17 GMT
3946375
bs.yandex.ru/prebid/ 		0
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3946375?imp-id=1&target-ref=www.app.bigonline.top.enquetebbb.com.br&ssp-id=10500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:17 GMT
last-modified
Tue, 02 Jan 2024 15:10:17 GMT
x-yandex-req-id
1704208217784019-1227238137276627079800323-production-app-host-vla-pcode-66
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 02 Jan 2024 15:10:17 GMT
auction
tlx.3lift.com/header/ 		19 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.5&referrer=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
174.129.160.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-174-129-160-16.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:17 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ba12e26b15ce7d61fbfa2735f4b66696c663249da878d557a28282389f75e475
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:18 GMT
content-encoding
gzip
an-x-request-uuid
e93597a3-53c5-4bc4-926d-279a691f9895
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
5.181.234.132; 5.181.234.132; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		463 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=96324&zone_id=2050442&size_id=2&alt_size_ids=55&rp_schain=1.0,1!premiumads.com.br,c5f23a3b-3ee9-44b5-8574-4c24c1580399,1,,,&rf=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&kw=bbb23%2Cbbb23%2Cbig23%2Cbbb2023%2Cbbb2023%2Cgshowbbb%2Cbbb23votar%2Cenquetebbb23%2Cenquetebbb23big2023%2Cbig23%2Cbbb2023%2Cbbb22%2Cbbb22%2Cbig22%2Cbbb2022%2Cbbb2022%2Cgshowbbb%2Cbbb22votar%2Cenquetebbb22%2Cenquetebbb22big2022%2Cbig22%2Cbbb2022%2Cbbb21%2Cbbb21%2Cbig21%2Cbbb2021%2Cbbb2021%2Cbig2021%2Cbig21%2Cbbb2021%2Cbbb%2Cenquete%2Cbbb18%2Cbigbrotherbrasil%2Ccasavigiada%2Cvotarbbb%2Cvoto%2Cvotar%2Cenquetebbb%2Cbbb18%2Cbig18%2Cbbb2018%2Cbbb2018%2Cbig2018%2Cvotarbbb%2Cenquetebbb%2Cenquetebb%2Cpared%C3%A3o%2Cvote%2Cbig18%2Cbbb2018%2Cfazenda%2Cafazenda%2Cafazenda15%2Cro%C3%A7a%2Crecord%2Cr7%2Cvotarfazenda%2Cvota%C3%A7%C3%A3obbb%2Cenquetebbb%2Cparcialbbb%2C&tg_i.domain=app.bigonline.top.enquetebbb.com.br&tg_i.page=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&tg_i.pbadslot=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&tk_flint=pbjs_lite_v7.54.5&x_source.tid=20280757-9bb0-437f-a427-568ccaf196a2&l_pb_bid_id=24a9111691ca2f9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=20280757-9bb0-437f-a427-568ccaf196a2&rp_hard_floor=0.0619&rp_maxbids=1&p_gpid=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&slots=1&rand=0.4404818045762189
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f89fd33e7fd7795621c2f0177221dbd60eba80b2760dbd7d0f67a954e0e37fc4

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:17 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
463
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=71053365150&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
date
Tue, 02 Jan 2024 15:10:16 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 15:10:17 GMT
syncframe
gum.criteo.com/ Frame 550E 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.app.bigonline.top.enquetebbb.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:17 GMT
server
Kestrel
server-processing-duration-in-ticks
570527
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:18 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 15:10:18 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
19 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2604598953066762&correlator=1722839053178904&eid=31079925%2C44809527%2C31079959%2C31080057&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&iu_parts=75894840%3A21757894217%2CENQUETE_BBB_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=11&didk=3492932515&sfv=1-0-40&fsbs=1&rcs=1&eri=1&sc=1&cookie=ID%3D2c422f06042f1f3b%3AT%3D1704208214%3ART%3D1704208214%3AS%3DALNI_Mam5TtDo-sAkGCXPKTdMpk5MDgtzA&gpic=UID%3D00000db0485054bf%3AT%3D1704208214%3ART%3D1704208214%3AS%3DALNI_MZZ7NWDSiKb8PmYeDuSb2XWo6HCbA&abxe=1&dt=1704208218118&lmt=1704208218&adxs=315&adys=1245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&vis=1&psz=0x-1&msz=1000x-1&fws=644&ohw=1600&ga_vid=943506077.1704208213&ga_sid=1704208214&ga_hid=1936286099&ga_fc=true&ga_cid=24468801.1704208213&dlt=1704208213182&idt=554&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_refresh%3Dtrue%26pp_loop%3D01%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.28%26hb_adid%3D270b37b4a9ea305%26hb_bidder%3Dappnexus&cust_params=url%3Denquetebbb.com.br%26categoria%3Dhome&adks=2440819915&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a37529be22f4e05f3849b2056b102b8bb8f43a9d89210e12055ef07baeb88e9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19841
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 550E
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=enquetebbb.com.br&sn=ChromeSyncframe&so=0&topUrl=www.app.bigonline.top.enquetebbb.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=U5OPsnxNSkdTL0pEMEg2RG5PdEpWUGNDWVUyUnpwajJxTXdsZXY4SDh2a2ZzTVQzbnBRMXY0TWc3MjAyQ3h3cmN2VG9zSnNZNVREWk1lNFdsc2ZtYjZORjh2WEZ4S1Z3RXQ3ODc1MUNibW5BcFVQUSt4TW93bXl3aHlWOH...
465 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=U5OPsnxNSkdTL0pEMEg2RG5PdEpWUGNDWVUyUnpwajJxTXdsZXY4SDh2a2ZzTVQzbnBRMXY0TWc3MjAyQ3h3cmN2VG9zSnNZNVREWk1lNFdsc2ZtYjZORjh2WEZ4S1Z3RXQ3ODc1MUNibW5BcFVQUSt4TW93bXl3aHlWOHB3b1R6cHAwRDk0aUEyeGxnQ3FGYjkvUS9nOGlaTEQvcVd1eldvVXp1NXhWb2tmZVdwWTQvOWxJZ1YxY0h4Smo4YXkrUVFqV0dDbjljb0t2Y3BLMGVVWG9CUHV3d2pETHBBMlRoM0dJQTJBQ1hUSHdVSzBMaEdxUUlxOGZHSnZ1MkVPa2ZJN1BabUxYVDl0QzZ2WGNZQkZ5U0hWMWtMK2ZxdnVHbW1Zc2hVbTRRNXFudzI5UT18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
5bde678aec4128d1b2a5b6259a78e64ea899428d477746daf23eae910d425507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1790636
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:17 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=U5OPsnxNSkdTL0pEMEg2RG5PdEpWUGNDWVUyUnpwajJxTXdsZXY4SDh2a2ZzTVQzbnBRMXY0TWc3MjAyQ3h3cmN2VG9zSnNZNVREWk1lNFdsc2ZtYjZORjh2WEZ4S1Z3RXQ3ODc1MUNibW5BcFVQUSt4TW93bXl3aHlWOHB3b1R6cHAwRDk0aUEyeGxnQ3FGYjkvUS9nOGlaTEQvcVd1eldvVXp1NXhWb2tmZVdwWTQvOWxJZ1YxY0h4Smo4YXkrUVFqV0dDbjljb0t2Y3BLMGVVWG9CUHV3d2pETHBBMlRoM0dJQTJBQ1hUSHdVSzBMaEdxUUlxOGZHSnZ1MkVPa2ZJN1BabUxYVDl0QzZ2WGNZQkZ5U0hWMWtMK2ZxdnVHbW1Zc2hVbTRRNXFudzI5UT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
407376
content-length
0
expires
0
container.html
73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8510 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js?cb=31080057
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:18 GMT
expires
Wed, 01 Jan 2025 15:10:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704208213212&gcd=11l1l1l1l1&dma=0&cid=943506077.1704208213&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=kAAI&sid=1704208213&sct=1&seg=0&dl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&_s=6&tfd=6771
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::8b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8510 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-hg_WieUZY2cDKqZo9kPj_O08Aa-laSvbPfa0tOsDMCNtwEQASAAYMnGqYvApNgPggEXY2EtcHViLTM2MTkwNDU4ODcxODcwMzHIAQngAgCoAwHIAwKqBKYCT9AwCtpTLRFR3868ZbxSjVgEtMeET6ZcwidqJ2W6u8RiEMS2YNzIppcL77H2MA2klzahQsxUdydlsjKycu76CBb-75aJzmKbqn0t9WOtno0fwBxfh8NmUWSa903Y5c8P-a829TKgbHvwsXUvcxyAe5aLIIKeR96VAYScDBofOjjVxluZyudtXD4iyZbCTy1LqJFmpvm0PFPyjUy86TkvmMT4hk_DLXe5-Nr5VeH031MZ1YG6U8wXTpIbiRhDIPFVWCs_hfvRJJU5i_lBpDCSRuibQUtajMEVWMpq0fbmHc0gV0Xhoe02ddex255-Au3L6RWrnrZymVK2Vyd_bKYlO251gRQ11YqywgoVSO8xytEXtaXzSULIJn_mlShtw_0WZjI-h1Ns4AQBgAaH8a-Tq_iYozmgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYgJPdq_6-gwPyCBthZHgtc3Vic3luLTcwODE4NjgxODg2MzYxOTeACgP6CwIIAYAMAeINEwiXx92r_r6DAxWqzCgFHY85DW7QFQGAFwGyFxwKGhIUcHViLTM2MTkwNDU4ODcxODcwMzEYoMMc&sigh=F3wMZ50Eh6M&uach_m=%5BUACH%5D&cid=CAQSOwAvHhf_pZtedkPsIZrC6tvm0tJZsCL-LvdaIvm1eaDE2U12E8ak6BvY5i2QGi2q2BE0cL8iWkxYAfE0GAE
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
log
hblg.media.net/ Frame 8510 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAATDE2OTM3NjQyNzY2OTIyXzM5Nzg3NDMxNV85Njk0Mjg1MzI0NjAxQGFjNTQzNTc0Y2FlNGZlYzhhNWZjNzJmYWVjYzJkMmI4mAeamZmZmZmpP15odHRwczovL3d3dy5hcHAuYmlnb25saW5lLnRvcC5lbnF1ZXRlYmJiLmNvbS5icgRVUwDoAU1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2RmFwcC5iaWdvbmxpbmUudG9wLmVucXVldGViYmIuY29tLmJyEjhDVUY0MjM1QggMNzI4eDkwCDAuMDUOZWFzdF9zYwZBRFgICG51cmwAAAAAAABAVUDi482rmWMCMgAAAAAAAPC_QHJ0Yi1hcHBuZXh1cy03ZmNjODY1YmY1LWc4NHJsLlNDPjE3MDAwODA4MDc2ODQwMDA3MjgwMDkwMDAwNTk1MDACEDhmYzlhMDhhAmQC
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:18 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 15:10:18 GMT
log
qsearch-a.akamaihd.net/ Frame 8510 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=ac543574cae4fec8a5fc72faecc2d2b8&algo=no_strategy&bdp=0.0500&bidfp=0.0400&capd=0&cc=US&cid=8CUF4235B&crid=969428532&ct=New%20York&dc=east_sc&dfpbd=0.0500&dn=app.bigonline.top.enquetebbb.com.br&iwb=1&ogcbdp=0.0500&other_bids=0.05&other_prv=460&pbshr=100.0000&prdp=0.0500&requrl=app.bigonline.top.enquetebbb.com.br%2F&sat=1&sc=NY&sc_pvid=460&send_erpm=false&server=1&size=728x90&strg=no_strategy&totalTime=4192669&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2024-01-02%2015%3A10%3A18&seat=BID_API&itype=adx&req_id=n8ixd_dGyvJV4fuKGydNVg&dim4=exploration&dfp_bucket=0.0&bdp_bucket=0.05&app_type=adx_test&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.129%20Safari%2F537.36&br_ver=120.0.6099.129&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&ogerpm=0.0400&ogerpm_used=false&rawbid=0.0500&totalTimeBucket=4&sub_bidder=196&current_day=2.0&current_hour=14&cut=0&floor_bucket=0.05&erpm_bucket=0.05&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.8500&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&bdp_wider_bucket=1&adblk=2440819915&dim10=false&log_less=false&cut_bkt=1&advurl=related.investorfocus.net%2F&dmm_d10=0.0000&bdmm_m5=0.0000&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m12=0.0000&dmm_l=0.0000&dmm_r=0.0000&e_rpm=0.0000&bdr_typ=1&clisp=rtb-appnexus-7fcc865bf5-g84rl.SC&dmm_m1=2024-01-02%2015%3A10%3A18.355448272&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss=NA&ss_d1=0&ss_d2=0&dmm_m22=0.0400&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807684000728009000059500&zone=d&rc=1&ecp_p50=0.2655526347434384&ecp_p75=0.5746298892203825&ecp_avg=0.05&ecp_status=Success&ecp_used=q10&ecp_rtime=2069.0&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-78f788cb9b-fbj9c&rel_cut_bkt=1&ecp_ver=multiquantile&djvm=9.5.8&ecp_p25=0.10482086326601778&ecp_p60=0.3615632055908954&ecp_p70=0.48570185987248093&ecp_p80=0.6937011658589911&ecp_p85=0.8548869046374719&ecp_p90=1.1298150652215875&ecp_p95=1.6486682473266532&ecp_p99=4.216796716263275
Requested by
Host: www.app.bigonline.top.enquetebbb.com.br
URL: https://www.app.bigonline.top.enquetebbb.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.22 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:18 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 02 Jan 2024 15:10:18 GMT
nmedianet.js
contextual.media.net/ Frame 8510 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUTX61X6&ydspr=1
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a6dcd5a1f417759619f6337dab53143957a1811a5919f73955ab3a7066312206
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-mnt-h
21-tp9r
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 02 Jan 2024 15:10:18 GMT
server
Apache
etag
"f1686c6b436d0bf6f06898d6da58ac3c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
37533
expires
Tue, 02 Jan 2024 15:15:18 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame 8510 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 02 Jan 2024 15:10:18 GMT
x-guploader-uploadid
ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Tue, 02 Jan 2024 16:10:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8510 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:43:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
30436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 06:43:02 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8510 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 15:34:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
84940
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 15:34:38 GMT
l
www.google.com/ads/measurement/ Frame 8510 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcNlLSfvmOvbI21-SH-EoUeoPFwADUyxAxuPoEBm7TcYS9yJI-KI5Qdkx34ZxEnOFMT_6lzWgOx7lsGQP-5nUaJAUU0Q
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::68 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 8510 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 12:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
96026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 31 Dec 2024 12:29:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8510 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 15:10:18 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 8510 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUTX61X6&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.156.31 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-156-31.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
71f12eea2915dc092e1d2221e5fbbb42946a7331f046d0ec20c29c0a314ff738

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 15:10:19 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Tue, 02 Jan 2024 15:15:19 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame E48C 		73 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUTX61X6&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad5362c5d0eff8b06b4abe5b2148fdc53faf5961e5ba489e345d808ef2567a58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
30884
content-type
text/html
date
Tue, 02 Jan 2024 15:10:19 GMT
expires
Tue, 02 Jan 2024 15:10:19 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
21-fzgk
bping.php
lg3.media.net/ Frame 8510 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=3166&&vgd_cdv=1141&vgd_cage=0&vgd_tsce=L366&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUTX61X6&crid=841137315&vi=1704208218285546499&ugd=4&lf=6&cc=US&sc=NY&lper=100&wsip=170785131&r=1704208218985&rrr=tzR-hLcl-L_0QFuSPUm-URJaM5W04jNFeQV7d8Mcxd_Hi9yuFetXGOCD9YMl0fZY-2FWRVA_NLM%3D&requrl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9H~OmYMGv9.Xu~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9f9A~8xLjMGvFhH.WF~xLjM7UNv9~xLjMLf1MGv9~Q7OvfHH9WuiiuX~L17v9.999%2C9~8EvuwjTb%3DxD1XEwXcb5C4H708~kGGv9~L88Ex1vHF%2CHF~LNvf%2Cui99~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9ufu~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~QYYMBLvu9.HhHX~xLjMjvu9~QjevuA.Xh~yN17vou9~GGvuiF~QYYMYxjvu.uf~JLEYv9.9H~ejfLMxLjMUNv949~EQ8MNvfA%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvAFH9~LUJv9%2C9~1AEMGvu.HA%2CHF.uA~QOvu~x8OvfV1Zj5Li9VaXC_kkkw~NejfLMGv9.iF~G7OvFhuiA9fWHifiX99f9iuiffXFXH9FHXHAhiuuiAuAuWfWi9AFAhWXuHuhhFhWAFhHi9AWWfhAHH9FHuhHXhuiAiWWiWFFi9HHu9XFfXF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHf~%3DVvA9hW~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vzJBn5mLU~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hf9WfuW~G1Q8QuvuiF~UGM77vu~ONvW~ejfLMGvu.ff~77vufuf~eBMJ-Nv9.WX~e8QMQOvHh~LkMNz7vu~xLjMLEQMGvi.fu~ONfvu~eM1Qzvi99i~j1Q7v~Nemyv9.iF~e8QMxLjMGv9.hW~ejfLM8MQOvf9fH9u9f9A~e8QMxLjMjvA9~OQzGvHf9~J7vHW~ejfLM8MGv9.9u~e8QMGvhi9.uH~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHh~LkevHf~jfLMGvu999~QYYMQOvf9fH9u9f9i~L1OEv9.999%2C9~Q8OvWHuuAhAuX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.WX~OfEMjvu9~Nejfv9.iF~AENkvu999.fA~myMYQwv9.9H~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iW~LEQMGvHF.uA~xLjMQLEQMGvi.fu~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9X~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9X9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfHH9WuiiuX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.WX~EmQvA~1NM75EJvu~1OGjUvfHH9WuiiuX~LJkMNz7vu~1YEvu~myG8Ov9.9X9~GkjLv9.9H9~Qx8Ov%3DK4b464NpUieyZarqwPZOXGCjJ9~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvzmMQ7L17Jy5~GOEN1EOv9~O1jyvzmMQ7L17Jy5~QmGEv~-8OvKrtoExGoAFui9HXWWhuWh9Au~w7Yjvu~ONx7vu~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9X~JNEMEu9v9.9X~JNEMEuXv9.9XFHhXuiH9hu9HhFHF~JNEMEf9v9.9WufWuX9XhXFAHhiF~JNEMEfXv9.u9HWf9WFAfFF9uhhW~JNEMEA9v9.uAA9iiHF9AhuFfiAH~JNEMEAXv9.uFfWhHWhHHfA9fiXF~JNEMEH9v9.uiXWAWifuWFA9FuuW~JNEMEHXv9.ffhXhFHWhHH99FFuh~JNEMEX9v9.fFXXXfFAHhHAHAWH~JNEMEXXv9.AufuHuHFAFihuWHhF~JNEMEF9v9.AFuXFAf9XXi9WiXH~JNEMEFXv9.HuhhhAfWh9XXHfXW~JNEMEh9v9.HWXh9uWXiWhfHW9iA~JNEMEhXv9.XhHFfiWWiff9AWfX~JNEMEW9v9.FiAh9uuFXWXWiiuu~JNEMEWXv9.WXHWWFi9HFAhHhui~JNEMEi9vu.ufiWuX9FXffuXWhX~JNEMEiXvu.FHWFFWfHhAfFFXAf~JNEMEiivH.fuFhiFhuFfFAfhX~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfHh&ssld=%7B%22QQ8E%22%3A%22f19O%3AXF99%3A99fH%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22IJBn3mLU%22%7D&vgd_bid=349063&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1704208218180464427&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=969428532&vgd_pgid=p11059884882t202401021510&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%5D&hvsid=00000170420821897900958081321343&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 15:10:19 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 15:10:19 GMT
checksync.php
contextual.media.net/ Frame 1C76 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6e1b8b583d4068489212557262d9735145414de6940f1a15460dcd2f8047d1c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9651
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 15:10:19 GMT
expires
Thu, 04 Jan 2024 15:10:19 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 8510 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6739&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUF4235B&reqid=n8ixd_dGyvJV4fuKGydNVg&vid=n8ixd_dGyvJV4fuKGydNVg&dn=app.bigonline.top.enquetebbb.com.br&rawDn=app.bigonline.top.enquetebbb.com.br&requrl_dn=app.bigonline.top.enquetebbb.com.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br&cliIPV6=2a0d%3A5600%3A0024%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NY&ct=New+York&zip=10013&pubid=pub-ADX-116310109131-pub-rep&tgtval=pub-ADX-116310109131-pub-rep&csip=rtb-appnexus-7fcc865bf5-g84rl.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=9009&sckfl=1&suid=CAESEJEcWk9vgGODHhUGd5bKle0&sckfl2=0&smbrid=adx-2&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm5qg4KzuZEY7bHkX98wrwmFSnu-35OIrBSTVQSRTSS2saCwWTaf8OBTUD9IMx2ei6ud&pexid=ADX-pub-3619045887187031&geoll=true&is_ortb=false&commit_id=8fc9a08a&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-29+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=93&req_tid_present=false&pvid=460&prvAccId=841137315&prvApiId=8CUTX61X6&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=969428532&prspt=headerBid&prvReqId=16937642766922_397874315_9694285324601&size=728x90&chnl=NO_STRATEGY&bdp=0.050&bid_uuid=bd1516f53cc1241e914229611f7226a1&cbdp=0.05&og_cbdp=0.050&ogbdp=0.05&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.05&dsrc=-2&dp=0&dbf=1&epc=841137315&s=1&snm=SUCCESS&pcrid=8CUTX61X6-841137315-1-9&tpbTkn=false&exid=218&bidflr=0.040&pbidflr=0.040&opbidflr=0.040&spbf=0&viewability=85&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704208218353&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.04&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807684000728009000059500&strg=NO_STRATEGY&vls=0&scrid=1700080807684000728009000059500&mang=1&pvdTmax=247&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CUTX61X6&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUF4235B&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=728x90%7C970x90&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=b29c8b4d64&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23launchexp%3Atoken1%23%23NedCkflWithData%3Aall_blk%23%23BF_store%3AGCS%23%23NedCkfl%3ALesBlk%23%23bsNed%3AvalidBid%23%23BssTgtMig%3Atgt%23%23prll_req%3Atrue&mx_isNed=1&acid=ac543574cae4fec8a5fc72faecc2d2b8&rtime=68.0&wsip=mowx-lite-78f788cb9b-fbj9c&ltime=79.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D1&adtypes=0&adblk=2440819915&impId=1&reftime=15000&reftype=0&psrc=fail&mowxReqId=ac543574cae4fec8a5fc72faecc2d2b8_1&policy_enf=2&pub_blk_enf=1&req_size=970x90%7C728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=1&skadidfl=0&feedback_id=n8ixd_dGyvJV4fuKGydNVg_1&supplyTagId=2440819915&mnrfc=1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-01-02+15%3A10%3A18&__expireat=1704208818608&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.050&lo_cbdp=0.05&actltime=80&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.04~dom_b%3D0.51~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2024010203~iurl_b%3D674.86~url_tkc%3D0~url_r2a_b%3D0~std%3D2440819915~rat%3D0.000%2C0~ip%3D1hlLSCuRa5ph5MSyKE4tPi~fbb%3D0~riipua%3D46%2C46~rc%3D2%2C1900~risuid%3D0%2C0~rps_sd%3D2024010121~radv%3D0.000%2C0~url_b%3D1.28~vl2r_url_b%3D0~smm_wr%3D10.4745~url_l%3D10~slv%3D13.57~gcat%3D-10~bb%3D196~smm_mul%3D1.12~erpm%3D0.04~vl2r_url_kc%3D0E0~psi_c%3D23%2C3%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D3640~rke%3D0%2C0~a3p_b%3D1.43%2C46.13~sd%3D1~uid%3D2IaGlyr90IO5KTfffh~cvl2r_b%3D0.96~btd%3D6719302849295002091922565406454379119313182890363785141776783674903882734406417457193988986690441056256~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Dpt~uiw%3D-1~ce%3D0~rcv%3D42~CI%3D3078~kb_uc%3D1~nts%3D2~kb_ul%3Dpt~kb_ccks%3D0~ct%3Dnew%20york~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1704208218~basis1%3D196~kb_tt%3D1~dc%3D8~vl2r_b%3D1.22~tt%3D1212~vw_exc%3D0.85~vis_sd%3D47~rf_cnt%3D1~url_rps_b%3D9.21~dc2%3D1~v_asn%3D9009~last%3D~cvog%3D0.96~vis_url_b%3D0.78~vl2r_i_sd%3D2024010203~vis_url_l%3D30~dsnb%3D420~et%3D48~vl2r_i_b%3D0.01~vis_b%3D790.14~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D47~rfv%3D42~l2r_b%3D1000~smm_sd%3D2024010209~radp%3D0.000%2C0~sid%3D841137315~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.85~d2p_l%3D10~cvl2%3D0.96~3pcf%3D1000.23~og_msh%3D0.04~dmm_strg%3Dno_strategy~d2p_b%3D0.98~rps_b%3D46.13~url_srps_b%3D9.21~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.05~kb_pt%3DHomepage~url_rps_rv%3D0~cbdp%3D0.050%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D2440819915%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.85%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D2440819915%7Eref_cnt%3D1%7Eamp%3D1%7Eogbid%3D0.050%7Ebflr%3D0.040%7Esuid%3DCAESEJEcWk9vgGODHhUGd5bKle0%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dno_strategy%7Ebdpcapd%3D0%7Edalg%3Dno_strategy%7Esobp%3D%7Exid%3DADX-pub-3619045887187031%7Ehtml%3D1%7Edcut%3D1%7Edogb%3D0-1%7Eecp_used%3Dq10%7Eecp_p05%3D0.05%7Eecp_p10%3D0.05%7Eecp_p15%3D0.056475194071047646%7Eecp_p20%3D0.08128150575634796%7Eecp_p25%3D0.10482086326601778%7Eecp_p30%3D0.13309946037162934%7Eecp_p35%3D0.16287487442302956%7Eecp_p40%3D0.19583892186306118%7Eecp_p45%3D0.22757648744006617%7Eecp_p50%3D0.2655526347434384%7Eecp_p55%3D0.31214146369718476%7Eecp_p60%3D0.3615632055908954%7Eecp_p65%3D0.4177732870554258%7Eecp_p70%3D0.48570185987248093%7Eecp_p75%3D0.5746298892203825%7Eecp_p80%3D0.6937011658589911%7Eecp_p85%3D0.8548869046374719%7Eecp_p90%3D1.1298150652215875%7Eecp_p95%3D1.6486682473266532%7Eecp_p99%3D4.216796716263275~ibc%3D1~nsz%3D2~tgs%3D728x90%7C970x90~bsb%3D0~bsp%3D0~tmx%3D247&utime=654&sf=0&cpr=0.015181042133258105
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 15:10:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6865 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
46405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 02:16:54 GMT
etag
48472445140208031
expires
Wed, 03 Jan 2024 02:16:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8510 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dae2de437b0de53ae4cd80d3d15bcf5f45fcdb384514eddb1522e782fd8115a7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=STl0SVhZYTExUmtHcGw1&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&google_cver=1&google_push=AXcoOmQxqowQ2ZMhqt115DpjymZEnXlI_VsWGXn7OykIjKH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=STl0SVhZYTExUmtHcGw1&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&google_cver=1&google_push=AXcoOmQxqowQ2ZMhqt115DpjymZEnXlI_VsWGXn7OykIjKHnWVuMHrQXpDOk0XvcQ_vaRaoq0-GSJhQ47t_KvurTzlJyqxet9W4
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:18 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-075c2ed310ac109cf@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=STl0SVhZYTExUmtHcGw1&google_gid=CAESEP2n5SL6bES-NTVjvojCyK0&google_cver=1&google_push=AXcoOmQxqowQ2ZMhqt115DpjymZEnXlI_VsWGXn7OykIjKHnWVuMHrQXpDOk0XvcQ_vaRaoq0-GSJhQ47t_KvurTzlJyqxet9W4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 6865
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESENtgT5E0uCOi8YQzhcSFh_0&google_cver=1&google_push=AXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtgT5E0uCOi8YQzhcSFh_0&google_cver=1&google_push=AXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o...
43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtgT5E0uCOi8YQzhcSFh_0&google_cver=1&google_push=AXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f3ed9a6ecc0cb4-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
654
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENtgT5E0uCOi8YQzhcSFh_0&google_cver=1&google_push=AXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyjgodwE6t5WJKxAaDPAT4Do7EbizQV84ihzE06CR4tmhW9GBBJFcwcK0LQaPuzv827Oyx4avttRpYqY3R55P5W5F4C9o%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f3ed99adea0cb4-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEOd_8AjU_E_yQmpeDL4uuvA&google_cver=1&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEOd_8AjU_E_yQmpeDL4uuvA&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So&google_hm=hnRcSP5swRAZcsVyWjNfxg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So&google_hm=hnRcSP5swRAZcsVyWjNfxg==
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmRmX9-no2qQ4O32unfJNtZUDAdKkKfqkWwqi6jUQ9di-Lxrc1Gx3p8hFpuHtv4u0BXi7ed33fMTqn2NTYKXJJLujR75h5So&google_hm=hnRcSP5swRAZcsVyWjNfxg==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF5-67gz14pQA1O0Abxs6nU&google_cver=1&google_push=AXcoOmSxLbmygm1XJBVkikwFyIzXilvgBq6aU8y4FgUygFvfkU-4N7atscx-GG9TfyQ7o2q1HQ2t50j0znCGB...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSxLbmygm1XJBVkikwFyIzXilvgBq6aU8y4FgUygFvfkU-4N7atscx-GG9TfyQ7o2q1HQ2t50j0znCGBmJ6KWfc4FfY9lg&google_hm=cUpJb19MNnVvUVk5OG5Va...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSxLbmygm1XJBVkikwFyIzXilvgBq6aU8y4FgUygFvfkU-4N7atscx-GG9TfyQ7o2q1HQ2t50j0znCGBmJ6KWfc4FfY9lg&google_hm=cUpJb19MNnVvUVk5OG5VazFzS2I=
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmSxLbmygm1XJBVkikwFyIzXilvgBq6aU8y4FgUygFvfkU-4N7atscx-GG9TfyQ7o2q1HQ2t50j0znCGBmJ6KWfc4FfY9lg&google_hm=cUpJb19MNnVvUVk5OG5VazFzS2I=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
235
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEFuloszeI2YnhAMmM46GyHk&google_cver=1&google_push=AXcoOmTXwb7dlUx60pMAlT2lKjUQvxmz3hUxuOUG2BP9gkHUBZcUBB8pbBHB9qQNwiGEsS1jjAIfcLWikBq4ianUJLNn4PfHc4yM
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmTXwb7dlUx60pMAlT2lKjUQvxmz3hUxuOUG2BP9gkHUBZcUBB8pbBHB9qQNwiGEsS1jjAIfcLWikBq4ianUJLNn4PfHc4yM&google_hm=686c4656f8f7e8ac286...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmTXwb7dlUx60pMAlT2lKjUQvxmz3hUxuOUG2BP9gkHUBZcUBB8pbBHB9qQNwiGEsS1jjAIfcLWikBq4ianUJLNn4PfHc4yM&google_hm=686c4656f8f7e8ac286054e44f681ef4
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmTXwb7dlUx60pMAlT2lKjUQvxmz3hUxuOUG2BP9gkHUBZcUBB8pbBHB9qQNwiGEsS1jjAIfcLWikBq4ianUJLNn4PfHc4yM&google_hm=686c4656f8f7e8ac286054e44f681ef4
date
Tue, 02 Jan 2024 15:10:19 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=google&ssp_init=step1&google_gid=CAESEAf51NUp46jIFjrh4f5ad9k&google_cver=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1Rd6z8ULKg1UAKBCYxFMUKRw...
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=google&ssp_init=step1&google_gid=CAESEAf51NUp46jIFjrh4f5ad9k&google_cver=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1Rd6z8ULKg1UAKBCYx...
  • https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=LtsqzItuRyG5oq3SvH3OKQ==&no_redirect=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1R...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=LtsqzItuRyG5oq3SvH3OKQ==&no_redirect=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1Rd6z8ULKg1UAKBCYxFMUKRwSwlGucBWL-AeLKoid-Z3w_JO
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=media_force_communications_2007_ltd&google_hm=LtsqzItuRyG5oq3SvH3OKQ==&no_redirect=1&google_push=AXcoOmQnRkWPvaBAyXkV9bl5MdlrfzVq9SNIwT558ThGZD-SCIig1Rd6z8ULKg1UAKBCYxFMUKRwSwlGucBWL-AeLKoid-Z3w_JO
date
Tue, 02 Jan 2024 15:10:19 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6865
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAxGYbETu...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEAx...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=93bfb436-344b-4360-95ad-06e591cc36fa&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=93bfb436-344b-4360-95ad-06e591cc36fa&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=93bfb436-344b-4360-95ad-06e591cc36fa&%%GOOGLE_PUSH_PAIR%%
Date
Tue, 02 Jan 2024 15:10:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6865 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcUeKiIpOygDxblAaOkaOUoDD_ZT-vhGTVN999oAeXK-0hq92T9u4cU4uszhYMDaEMF4OPnZM
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame 3F53 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.156.31 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-46-156-31.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Cache-Control
max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3751
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jan 2024 15:10:19 GMT
Expires
Tue, 02 Jan 2024 15:15:19 GMT
Vary
Accept-Encoding
x-powered-by
Express
ptmdP
dts.clnmde.com/ Frame 8510 		7 B
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdP
dts.clnmde.com/ Frame 8510 		7 B
357 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdDual
dts6.clnmde.com/ Frame 8510 		70 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22170420821911933122256112%22%2C%22za%22%3A1%2C%22gcd%22%3A1704208219164%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:cba2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
via
1.1 google
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
ptmd
dts.clnmde.com/ Frame 8510 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=170420821911933122256112_N4IgtgniBcDasEYA0AGJB2ATADlUgnCgLpFIgDuAjjLKeBAE410DGDYADjSAuigCyYU2TAhHYArBP4A2fvnwB9MAEMAlgDtFCEHRUAbAC41iZAM4B7GMhAsWACwDW3bPwQIAzOg8IJushxqACbGcCAo-iAMAKYAZgCqDEbckWYMLInJYfaGhhxmAKQeAIIFmABiZeXkNQB0KhwctQBGagDmFhr6mtG1hhZN0RqUAK7RhtHNU7UsFmAtDFWRAG5misGhsBoj+vp09qvrIdwop6e8AkIiYvjohCj4EtjCnqIe-B6RLCNmhkebIGwAGF4gAVAAaMgQkK+DGW3GAAB1AW5PN5fMjoEiQIYIBxopjkWwjsikMjlmoSTBkRdBMJROIpLJ5PhSciDmtgoTwmcULSrgzbvdHs9sK9PB9kQBfKWRDQqGiCfDyGRYORICXCPgefBICQeU6ubAGujyswwTC6kBqFRgEx0G3m6C4EC-FSGH40DxIfhIDze95+iR+mR+9B+3A6pCWugALwV0BsHDaMBA8LIbXsqf59IQ+Hc+H9CEwJYkUOLIDIq1TMlqKFqEiwlZABhg3pAsRYMAAtDZxmps3w6dd8M27EFU-EAMrN34p6BoV3OaA8IcCvOKVyyYvSISYdDN6JqLgriS1MQIWqYd7njyYZvLaJMFccBgWCdkaIjBM2EYDxOfss+g0KA8pgNEqatEEQRPkczZBO6CagFBMEMHBK6yBEVaUsEg6XLmjLSHICggDKSCgbaEErioLC4WQCGGEhLa0RO1EsNIHiNvwLAqNE-CxNELDYCoEidlgsS8XYmBBJgzTYA+OGsau+HXIRzIkTKdAcNWcB0GY+i-Hhw6iPmwjNvosTWGQzRZOqtg-H8uErsCYKQtCMgKehynGWIOBMsRo4Zl2iZrrm+AlpgZCUFRNixP+HhSkAA
Requested by
Host: 73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
URL: https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
cenw.js
dts.clnmde.com/ Frame 3F53 		36 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/cenw.js
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
fce5168fa86077ca21a2e8c5d658b0abca8d19b1a46b2eb5beb76c3e79f9e142

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pxlclnmdecom-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
via
1.1 google
etag
W/"24-IHlO7nDFBfh4jcgcHGgrlw"
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
alt-svc
clear
cksync
cs.media.net/ Frame 1C76
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MjA5ODE5MDgxMzIyOTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENxkVdxal073RXHB9El1Avo&google_cver=1
57 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENxkVdxal073RXHB9El1Avo&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:19 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:19 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESENxkVdxal073RXHB9El1Avo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0b52df8e-5e93-42bb-92c6-b12711f99c4c.jpg
contextual.media.net/kimg/new/140x110/3/110/104/193/ Frame E48C 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/3/110/104/193/0b52df8e-5e93-42bb-92c6-b12711f99c4c.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7b58dca8d2bca84efb6181b26258351c3f4d800c45078b105226d5796736d2c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 26 Feb 2018 10:18:16 GMT
server
nginx
etag
"5a93dee8-3aa4"
content-type
image/jpeg
accept-ranges
bytes
content-length
15012
truncated
/ Frame E48C 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
726358b8-8709-4ed2-afed-8b2e7dfe3c1f.jpg
contextual.media.net/kimg/new/140x110/3/65/102/246/ Frame E48C 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/3/65/102/246/726358b8-8709-4ed2-afed-8b2e7dfe3c1f.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f970e18ee55b33261ce4e8b24076fab6be2df6238746cfab70b8169258666fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 19 Mar 2018 19:22:55 GMT
server
nginx
etag
"5ab00e0f-2ab9"
content-type
image/jpeg
accept-ranges
bytes
content-length
10937
truncated
/ Frame E48C 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E48C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame E48C 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25720
expires
Wed, 03 Jan 2024 15:10:19 GMT
bql.php
lg3.media.net/ Frame E48C 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5917&&vgd_canary=0&vgd_l2type=scs_newfl&fp=CwSoHSGONdjj6xgIdpUQt5wRQ2ycYHxTUTEwgrqYsAY18Wx5eWi_o1eTS_-T5FSoD3KzZ764pZO7UFp-TcahsCIn1YDFDuBxG7TTqPtNYlwx39fH7RiTWp4ow-Hur-rFu-DBJtwlSPLcw09GD0xkw2r6dKEX499Ke2MNmPv3yzU%3D&cme=2qFrsxnXMvo2EMFLmXmh1ocl-tU4T1mszzWzalZg_K9v7dcLHnp6fA-tQR7z_oJBp9GetyGL8WAI6yuONozEWybFNuzflry482UYROnizfKJBl8NDWdWcL-e9nCTwH713Dyky4MdWsER3tRENIjIWztKYwo9SI29I097J2H_Swf4z3F3AOawtjMYswcrSBVnQAeU2jnH2KKsT9Yh_epnTLPIxjkBVZbyWC1PUUAFkkA%3D%7C%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7Ca0AmFUYXmD7KyBZ4nhgPbz2dZshP8hkwOfodoIJv1ALYtFMt1YZLYPRhmfK3rQVshguoQmY_FB8%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CvGRJiC3fBBf0ujHey5MyEGZEXE929a0JfkV-UyDJPl7CpyQyyql9yOOvMjQ9To1zDCtaSdWm__0l56DSuxnSlpPW0e1Ziw8J05k2GRZZWsGwudIbWyH42WkdokpmNwZH3uETXjjbzXcD8BVP8KFGm7419cMJvxyNkIKwOrPFlKdpn0pxGZLxD1PFU5V_JUJxGu148U-Ny0DEkGt1449mDe-9bjl-ECfNFerPIbrRlx54-O8sEBaqcJNjvpRWXIOZ2UMcPYzclSdkdKKqgbxdUuMOaz5uMNSABHdIsD5uYuo%3D%7Cu8A6SM53vAegAGxV45CeTQhqXMfGG42b%7CVZH8mW-OwxRAU9C_y1JtNKIVRXBvqVJN%7C&subBdr=196&bdrid=460&ksu=224&fdkt=475&vgde_kbbh=fuoyxQBuG&kwd[]=Free+Dental+Implants+Near+Me&kwt[]=475&kbc[]=94be68621cde5d77e1c7c5a79157d06a.d2s&kwp[]=1&kid[]=351003743&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0005%7C8%3D010117%7C13%3D0.0843%7C14%3D010209%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D8367484%7Cps%3D0.914%7C1%3D1.81%7C2%3D5.84&ktd[]=4503875327758592&kwd[]=Personal+Loans+for+Very+Poor+Credit&kwt[]=475&kbc[]=94be68621cde5d77e1c7c5a79157d06a.d2s&kwp[]=2&kid[]=329491837&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D010117%7C13%3D0.0964%7C14%3D010209%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D4860847%7Cps%3D0.914%7C1%3D1.17%7C2%3D7.97&ktd[]=275700388096&v=1&geo=41.89%7C-71.39&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170763011&bca=0&ugd=4&vgde_setid=Nfu&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22IJBn3mLU%22%2C%22QQ8E%22%3A%22f19O%3AXF99%3A99fH%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CUTX61X6&vi=1704208218285546499&vsid=3472098190813231&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=11&vgd_tsce=L366-S366&vgd_l3_sc=NY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=969428532&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=3001c82a&vgd_nrrsf=scrr&vgd_cty=central+falls&vgd_ifrmode=14&sttm=1704208218979&upk=1704208219.19429&hvsid=00000170420821897900958081321343&verid=3111299&sbdrId=196&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1704208218180464427&vgd_ecrid=1700080807684000728009000059500&vgd_isiolc=1&kbbq=%26asn%3D9009&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3472098190813231&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9H~OmYMGv9.Xu~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9f9A~8xLjMGvFhH.WF~xLjM7UNv9~xLjMLf1MGv9~Q7OvfHH9WuiiuX~L17v9.999%2C9~8EvuwjTb%3DxD1XEwXcb5C4H708~kGGv9~L88Ex1vHF%2CHF~LNvf%2Cui99~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9ufu~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~QYYMBLvu9.HhHX~xLjMjvu9~QjevuA.Xh~yN17vou9~GGvuiF~QYYMYxjvu.uf~JLEYv9.9H~ejfLMxLjMUNv949~EQ8MNvfA%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvAFH9~LUJv9%2C9~1AEMGvu.HA%2CHF.uA~QOvu~x8OvfV1Zj5Li9VaXC_kkkw~NejfLMGv9.iF~G7OvFhuiA9fWHifiX99f9iuiffXFXH9FHXHAhiuuiAuAuWfWi9AFAhWXuHuhhFhWAFhHi9AWWfhAHH9FHuhHXhuiAiWWiWFFi9HHu9XFfXF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHf~%3DVvA9hW~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vzJBn5mLU~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hf9WfuW~G1Q8QuvuiF~UGM77vu~ONvW~ejfLMGvu.ff~77vufuf~eBMJ-Nv9.WX~e8QMQOvHh~LkMNz7vu~xLjMLEQMGvi.fu~ONfvu~eM1Qzvi99i~j1Q7v~Nemyv9.iF~e8QMxLjMGv9.hW~ejfLM8MQOvf9fH9u9f9A~e8QMxLjMjvA9~OQzGvHf9~J7vHW~ejfLM8MGv9.9u~e8QMGvhi9.uH~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHh~LkevHf~jfLMGvu999~QYYMQOvf9fH9u9f9i~L1OEv9.999%2C9~Q8OvWHuuAhAuX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.WX~OfEMjvu9~Nejfv9.iF~AENkvu999.fA~myMYQwv9.9H~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iW~LEQMGvHF.uA~xLjMQLEQMGvi.fu~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9X~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9X9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfHH9WuiiuX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.WX~EmQvA~1NM75EJvu~1OGjUvfHH9WuiiuX~LJkMNz7vu~1YEvu~myG8Ov9.9X9~GkjLv9.9H9~Qx8Ov%3DK4b464NpUieyZarqwPZOXGCjJ9~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvzmMQ7L17Jy5~GOEN1EOv9~O1jyvzmMQ7L17Jy5~QmGEv~-8OvKrtoExGoAFui9HXWWhuWh9Au~w7Yjvu~ONx7vu~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9X~JNEMEu9v9.9X~JNEMEuXv9.9XFHhXuiH9hu9HhFHF~JNEMEf9v9.9WufWuX9XhXFAHhiF~JNEMEfXv9.u9HWf9WFAfFF9uhhW~JNEMEA9v9.uAA9iiHF9AhuFfiAH~JNEMEAXv9.uFfWhHWhHHfA9fiXF~JNEMEH9v9.uiXWAWifuWFA9FuuW~JNEMEHXv9.ffhXhFHWhHH99FFuh~JNEMEX9v9.fFXXXfFAHhHAHAWH~JNEMEXXv9.AufuHuHFAFihuWHhF~JNEMEF9v9.AFuXFAf9XXi9WiXH~JNEMEFXv9.HuhhhAfWh9XXHfXW~JNEMEh9v9.HWXh9uWXiWhfHW9iA~JNEMEhXv9.XhHFfiWWiff9AWfX~JNEMEW9v9.FiAh9uuFXWXWiiuu~JNEMEWXv9.WXHWWFi9HFAhHhui~JNEMEi9vu.ufiWuX9FXffuXWhX~JNEMEiXvu.FHWFFWfHhAfFFXAf~JNEMEiivH.fuFhiFhuFfFAfhX~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfHh&vgd_cfud=230323&vgd_scsver=307&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=501&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1141&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=NY&vgd_l1rhst=contextual.media.net&hvsid=00000170420821897900958081321343&rc=0&rand=1704208219355&acid=ac543574cae4fec8a5fc72faecc2d2b8&matm=1704208219355&vgd_ltimesrc=1&vgd_ltime=716&vgd_rtime=676&vgd_etm=12&vgd_l1hcsd=Otp9r%7C23&vgda_l1btm=%5B%22SPAMPXL%22%5D&vgd_l1ch=1&vgd_lhl=6935&vgd_pgid=p11059884882t202401021510&vgd_csip=rtb-appnexus-7fcc865bf5-g84rl.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SF%7C73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D7%2Cgo%2Ci2%7Ccsh%3D1&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=3457&&kkdd=A*%7C3%7CnH9*A&22=MG&7T=HwKFhKQhHQhQnnFmF33&k(by=K&~obU=K&2(7=HHFH&eo2I=5Smm&2T(=QvMgEmHEm&2b2(=zFrWT5BFNupFsTV3C_q4ba%3D%3D&2yT(=QFHHSwSHn&oT_I=whQ43K&o2=sf&2B9~=sXtGg8OgNxf&bT(=QVXYmKRSh&ebT(=glnFmG3&Beebo=H&yyy=e_8iB520i5tKaYqGVM~iM8lUzn.KFWsYIaRw(Qz24(tJT3DqYIeExXvC3fz0Kc6fihY.8ROts5z%3D&9oI=n&0*=H&qk(=F&U(eH=QvMYFhSnp&U(eh=3m3FhQnSh&u(UeU=o(h%3D9q00)Tqy0t0%3DHK)LkIyb~%3DK1KF)(L~tu%3DK1nH)o2(%3D9D)yUI%3DK%2CK)(L~t0%3DhK)70hyto(%3DhKhFKHKhKS)Tqy0tu%3DmwF1Qm)qy0te!2%3DK)qy0tyhUtu%3DK)oe(%3DhFFKQH33Hn)yUe%3DK1KKK%2CK)Tb%3DHB05Gvq8UnbBnzGDPNFeVT)cuu%3DK)yTTbqU%3DFm%2CFm)y2%3Dh%2CH3KK)yToqT(%3DK%2CK)yboto(%3DhKhFKHKHhH)yU(7%3DK1KKK%2CK)qy0tu%3DH1hQ)70hytqy0tu%3DK)o~~t*y%3DHK1FwFn)qy0t0%3DHK)o07%3DHS1nw)k2Ue%3DiHK)uu%3DH3m)o~~t~q0%3DH1Hh)Iyb~%3DK1KF)70hytqy0t!2%3DKNK)boTt2%3DhS%2CS%2CK%2CK%2CK%2CK%2CK%2CK)u~%3DH)boTt(%3DSmFK)y!I%3DK%2CK)USbtu%3DH1FS%2CFm1HS)o(%3DH)qT(%3Dh-Ux0Dy3K-XnPgcccB)270hytu%3DK13m)ue(%3DmwH3SKhQF3h3nKKhK3H3hhnmnFKmFnFSw3HH3SHSHQhQ3KSmSwQnHFHwwmwQSmwF3KSQQhwSFFKmFHwFnwH3S3QQ3Qmm3KFFHKnmhnm)qT~%3DK)y!e%3DK1KKK%2CK)Lk(hbtu%3DK13Q)oo%3DsO)22%3DMG)!ut(0%3Dbe)qT*%3DiH)2I%3DK)y27%3DFh)v-%3DSKwQ)!utq2%3DH)9eo%3Dh)!utq0%3Dbe)!ut22!o%3DK)2e%3D9I*%20DLy!)uootPg.%3DsO%2CsO)uUoToh%3DH3m)u(e%3DHwKFhKQhHQ)uUoToH%3DH3m)!utee%3DH)(2%3DQ)70hytu%3DH1hh)ee%3DHhHh)7*tI42%3DK1Qn)7Toto(%3DFw)yct29e%3DH)qy0tybotu%3D31hH)(2h%3DH)7tUo9%3D3KK3)0Uoe%3D)27Lk%3DK13m)7Totqy0tu%3DK1wQ)70hytTto(%3DhKhFKHKhKS)7Totqy0t0%3DSK)(o9u%3DFhK)Ie%3DFQ)70hytTtu%3DK1KH)7Totu%3Dw3K1HF)70hytqy0t7T%3DHNiHm)qy0te7T%3DK)77%3DK)270hyto(%3DFw)yc7%3DFh)0hytu%3DHKKK)o~~to(%3DhKhFKHKhK3)yU(b%3DK1KKK%2CK)oT(%3DQFHHSwSHn)qy0tybot!2%3DK)!utoy2%3D!uu)7*q%3DK1Qn)(hbt0%3DHK)270h%3DK13m)Sb2c%3DHKKK1hS)Lkt~oB%3DK1KF)(~~toeyk%3D9LtoeyUeIkD)(hbtu%3DK13Q)ybotu%3DFm1HS)qy0toybotu%3D31hH)y!*b%3DK1KKK%2CK)y!*(%3DK1KKK%2CK)To8Ic%3DK)ToTc%3DK)qy0tyb2tu%3DK)uT(%3DK1Kn)!utbe%3DJL~IbUkI)qy0tyboty7%3DK)2u(b%3DK1KnK)o(%3DH)TeDbItT(%3DHw)oI00IyteUktT(%3DhFFKQH33Hn)oqbb0DteUktT(%3D)(IeI2eI(teUktT(%3D)7TI*UuT0TeD%3DK1Qn)bLo%3DS)U2teDbI%3DH)U(u0!%3DhFFKQH33Hn)yIct29e%3DH)U~b%3DH)LkuT(%3DK1KnK)uc0y%3DK1KFK)oqT(%3DvONGNlN2.!37kxXCJBMx(nuP0IK)(e2%3DIUoeto2)(~~tIyb~%3DcU0oI)(~~%3D9LtoeyUeIkD)u(b2Ub(%3DK)(U0k%3D9LtoeyUeIkD)oLub%3D)4T(%3DOCEibquiSmH3KFnQQwHQwKSH)Be~0%3DH)(2qe%3DH)(Lku%3DKiH)I2btqoI(%3DrHK)I2btbKn%3DK1Kn)I2btbHK%3DK1Kn)I2btbHn%3DK1KnmFwnH3FKwHKFwmFm)I2btbhK%3DK1KQHhQHnKnwnmSFw3m)I2btbhn%3DK1HKFQhKQmShmmKHwwQ)I2btbSK%3DK1HSSK33FmKSwHmh3SF)I2btbSn%3DK1HmhQwFQwFFhSKh3nm)I2btbFK%3DK1H3nQSQ3hHQmSKmHHQ)I2btbFn%3DK1hhwnwmFQwFFKKmmHw)I2btbnK%3DK1hmnnnhmSFwFSFSQF)I2btbnn%3DK1SHhHFHFmSm3wHQFwm)I2btbmK%3DK1SmHnmShKnn3KQ3nF)I2btbmn%3DK1FHwwwShQwKnnFhnQ)I2btbwK%3DK1FQnwKHQn3QwhFQK3S)I2btbwn%3DK1nwFmh3QQ3hhKSQhn)I2btbQK%3DK1m3SwKHHmnQnQ33HH)I2btbQn%3DK1QnFQQm3KFmSwFwH3)I2btb3K%3DH1Hh3QHnKmnhhHnQwn)I2btb3n%3DH1mFQmmQhFwShmmnSh)I2btb33%3DF1hHmw3mwHmhmShwn)Tu2%3DH)9o_%3Dh)eko%3DwhQ43K%7C3wK43K)uou%3DK)uob%3DK)e~4%3DhFw&9e7=K&~~~=UzvQvk3FFU*6Kp.DfwaGKx93B2O50LMp5_Hso4xfm5*%3D&T*=whQ&T9-cy=H&u(y-(=FmK&uT(=SF3KmS&~2c=wmn3h&D(oby=H&uUI=p4IskIrkpr)p4IskIrrpr)FII&!UebyI=H&2U(L~UT9=e_8iB520i5iJGBsFhiqqc(9nXEBhTvKsmr(ShDF-G2WRXJWt!DWL_k%3D%3D&Db0b=H&ToT(=n&U(7=-97IoeLy%20YL2qo&oo~2yt7Iy=n&bkT(=bHHKn3QQFQQhehKhFKHKhHnHK&oo0(=%7B%22ooTb%22%3A%22hUK(%3AnmKK%3AKKhF%3AKKKK%3AKKKK%3AKKKK%3AKKKK%3AKKKK%22%2C%22oo22%22%3A%22MG%22%2C%22ooo2%22%3A%22sf%22%2C%22oo2eD%22%3A%22sI*%20fLy!%22%7D&Be~0oy2=H&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 15:10:19 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Tue, 02 Jan 2024 15:10:19 GMT
ptmd
dts.clnmde.com/ Frame 8510 		70 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=170420821911933122256112_N4IgpgHiBcIAwgDQgM4GMD2MQEYDscALAExwAcxOAnAPpmGEBsOxArCXMXkqpgGYwcydBgAu2fEVIVqdBszYcudAEbS8KnJzRUwAZjCs+fMABMcaHITxkzZFTZ4jRA6EN5jT2AHIBBJ5iipq4AtMTIYADWAIbYcNHBrKYEIdFUZDghODhgYKnE1iGErElUXNFofHpUPFEqgshoAG4o2MAAOiAANhho0V00KKIYAE7RAOZgndCd8YnJcKnpmdm5+YXFpeWV1Z2InShgKCgAlhgAdoPDY5PTswl8SSlpGVk5edEFeEUlpmV4FSqVD2nUwGEiJzANFM0VE0Tu8AeT0WLxW73W302f22QM6AF8nHDRABXVrQADaxD0iFIAF1kAAvWJuZAAB3G2CaPHGAAsJAQODIqNkqHo9CxiGxmCweC1sIwAHRwBWsPDEHj9GDUkB8NAwLIRUQnflSciUGqNNBeWAAVQAyoSOdA4MJIibBea5EwWOxSFxaidWdhWAqcBkFVTCKG9OrkE0wCNsKyRhgvBFicz3MTjSzwE0ujByaBztEALZgbAqE6mUwJmjVngwuEwUBVmt1huwJgIOMnevW3AC6SUChkEpMQhUGp4vGIYtliuwCoN5BN5mgZcDirsPSqwh9MCEExoMjRIxoNV8aJgNBoYimYgqMiyvudwemmSj8eMSfTvH0kBWTlCkAJQLohndYdqC0Z9kC6Vx3BULpxGgH9GlJUR+2wMgAGEbQAFQADWYYiXyw2BJA9MNiDHdgfynWpoiDCkQBDMMcAjPQoxwGMQAAvh2RQ3ArB4EYzBgF0QHGPU3CHM1qFVcIQAAR0Xdw+BzQg2WY1hmDxIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
1325
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83f3ed9eefe14325-EWR
expires
Tue, 02 Jan 2024 15:48:14 GMT
46575
tag.navdmp.com/u/ 		497 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Apr 2023 18:41:30 GMT
server
cloudflare
etag
W/"642f125a-1f1"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83f3ed9f384d4325-EWR
expires
Tue, 02 Jan 2024 16:10:20 GMT
usr
usr.navdmp.com/ 		359 B
428 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
993b0443d2036735fb35042c2898020f5acd676d2b1ec333f740bcac5427fb17

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Tue, 02 Jan 2024 15:10:20 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
83f3eda019ea4325-EWR
expires
Tue, 02 Jan 2024 16:10:20 GMT
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=13e945ad4c7c870e52d8ced31810%7C0&acc=46575&tit=Enquete%2520BBB%2520-%2520Votar%2520BBB%252023&url=https%253A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&upd=1&new=1&h1=A%2520Fazenda%252015%253A%2520Qual%2520foi%2520seu%2520pe%25E3o%2520favorito%253F
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83f3eda15ba24325-EWR
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85518036300
  • https://sync2.navdmp.com/sync?prtid=2&id=85518036300&google_gid=CAESEBBjlHL3mMgcSWsGvEEiMnY&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=85518036300&google_gid=CAESEBBjlHL3mMgcSWsGvEEiMnY&google_cver=1
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83f3eda18bf24325-EWR
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=85518036300&google_gid=CAESEBBjlHL3mMgcSWsGvEEiMnY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=67366594-275c-4500-817e-47d30d29f553
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=67366594-275c-4500-817e-47d30d29f553
Protocol
H2
Server
2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:20 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
83f3eda1dc404325-EWR
content-length
43
content-type
image/gif

Redirect headers

Date
Tue, 02 Jan 2024 15:10:20 GMT
Server
MT3 1237 600843f master iad iad-pixel-x19 config_version:"3905"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=67366594-275c-4500-817e-47d30d29f553
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Tue, 02 Jan 2024 15:10:19 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:20 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Tue, 02 Jan 2024 15:10:20 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
344
content-language
en
activeview
pagead2.googlesyndication.com/pcs/ Frame 8510 		0
0
log
hblg.media.net/ Frame 8510 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQGFjNTQzNTc0Y2FlNGZlYzhhNWZjNzJmYWVjYzJkMmI46LjCnAeYBwRVU0ZhcHAuYmlnb25saW5lLnRvcC5lbnF1ZXRlYmJiLmNvbS5ichI4Q1VGNDIzNUIADDcyOHg5MA5lYXN0X3NjBDIzBkFEWBI4UFIxMTNKR0MOQklEX0FQSQAAAjBAcnRiLWFwcG5leHVzLTdmY2M4NjViZjUtZzg0cmwuU0M-MTcwMDA4MDgwNzY4NDAwMDcyODAwOTAwMDA1OTUwMAIwACIAEEVYQ0hBTkdFAgJk&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 15:10:21 GMT
bqi.php
lg3.media.net/ Frame 8510 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3290&lf=3&&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=969428532&vgd_tsce=L366&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349063&vgd_cdv=1141&vgd_cage=0&vgd_rensize=728_90&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9H~OmYMGv9.Xu~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9f9A~8xLjMGvFhH.WF~xLjM7UNv9~xLjMLf1MGv9~Q7OvfHH9WuiiuX~L17v9.999%2C9~8EvuwjTb%3DxD1XEwXcb5C4H708~kGGv9~L88Ex1vHF%2CHF~LNvf%2Cui99~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9ufu~L1Oev9.999%2C9~xLjMGvu.fW~ejfLMxLjMGv9~QYYMBLvu9.HhHX~xLjMjvu9~QjevuA.Xh~yN17vou9~GGvuiF~QYYMYxjvu.uf~JLEYv9.9H~ejfLMxLjMUNv949~EQ8MNvfA%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvAFH9~LUJv9%2C9~1AEMGvu.HA%2CHF.uA~QOvu~x8OvfV1Zj5Li9VaXC_kkkw~NejfLMGv9.iF~G7OvFhuiA9fWHifiX99f9iuiffXFXH9FHXHAhiuuiAuAuWfWi9AFAhWXuHuhhFhWAFhHi9AWWfhAHH9FHuhHXhuiAiWWiWFFi9HHu9XFfXF~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHf~%3DVvA9hW~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vzJBn5mLU~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9Hf9WfuW~G1Q8QuvuiF~UGM77vu~ONvW~ejfLMGvu.ff~77vufuf~eBMJ-Nv9.WX~e8QMQOvHh~LkMNz7vu~xLjMLEQMGvi.fu~ONfvu~eM1Qzvi99i~j1Q7v~Nemyv9.iF~e8QMxLjMGv9.hW~ejfLM8MQOvf9fH9u9f9A~e8QMxLjMjvA9~OQzGvHf9~J7vHW~ejfLM8MGv9.9u~e8QMGvhi9.uH~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHh~LkevHf~jfLMGvu999~QYYMQOvf9fH9u9f9i~L1OEv9.999%2C9~Q8OvWHuuAhAuX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.WX~OfEMjvu9~Nejfv9.iF~AENkvu999.fA~myMYQwv9.9H~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.iW~LEQMGvHF.uA~xLjMQLEQMGvi.fu~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9X~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9X9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfHH9WuiiuX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.WX~EmQvA~1NM75EJvu~1OGjUvfHH9WuiiuX~LJkMNz7vu~1YEvu~myG8Ov9.9X9~GkjLv9.9H9~Qx8Ov%3DK4b464NpUieyZarqwPZOXGCjJ9~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvzmMQ7L17Jy5~GOEN1EOv9~O1jyvzmMQ7L17Jy5~QmGEv~-8OvKrtoExGoAFui9HXWWhuWh9Au~w7Yjvu~ONx7vu~OmyGv9ou~JNEMxQJOv%20u9~JNEME9Xv9.9X~JNEMEu9v9.9X~JNEMEuXv9.9XFHhXuiH9hu9HhFHF~JNEMEf9v9.9WufWuX9XhXFAHhiF~JNEMEfXv9.u9HWf9WFAfFF9uhhW~JNEMEA9v9.uAA9iiHF9AhuFfiAH~JNEMEAXv9.uFfWhHWhHHfA9fiXF~JNEMEH9v9.uiXWAWifuWFA9FuuW~JNEMEHXv9.ffhXhFHWhHH99FFuh~JNEMEX9v9.fFXXXfFAHhHAHAWH~JNEMEXXv9.AufuHuHFAFihuWHhF~JNEMEF9v9.AFuXFAf9XXi9WiXH~JNEMEFXv9.HuhhhAfWh9XXHfXW~JNEMEh9v9.HWXh9uWXiWhfHW9iA~JNEMEhXv9.XhHFfiWWiff9AWfX~JNEMEW9v9.FiAh9uuFXWXWiiuu~JNEMEWXv9.WXHWWFi9HFAhHhui~JNEMEi9vu.ufiWuX9FXffuXWhX~JNEMEiXvu.FHWFFWfHhAfFFXAf~JNEMEiivH.fuFhiFhuFfFAfhX~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfHh&vgd_lbt=1000&vgda_l1btm=%5B%22SPAMPXL%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUTX61X6&crid=841137315&rrr=tzR-hLcl-L_0QFuSPUm-URJaM5W04jNFeQV7d8Mcxd_Hi9yuFetXGOCD9YMl0fZY-2FWRVA_NLM%3D&requrl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&vi=1704208218285546499&ugd=4&cc=US&sc=NY&bdrid=460&subBdr=196&startTime=1704208218971&l1ch=1&l1hcsd=l1!Otp9r|23&mmm=aMC8Cg944awZ0BWyY7QS0Gn9hcALloUBLz1NsxGY6Lw=&buid=349063&sttm=1704208218979&upk=1704208219.19429&hvsid=00000170420821897900958081321343&acid=ac543574cae4fec8a5fc72faecc2d2b8&verid=3111299&infr=1&twna=1&dma=501&stime=1704208218692&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704208218180464427&vgd_sc=NY&vgd_ecrid=1700080807684000728009000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p11059884882t202401021510&vgd_pgids=1&vgd_end=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 15:10:21 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 02 Jan 2024 15:10:21 GMT
json
gum.criteo.com/sid/ 		0
0
checksync.php
contextual.media.net/ Frame FC22 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8b93ae24cca2f1a2435b780a300a519992667c8440bc265564e9e2b20251d4c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11792
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 15:10:21 GMT
expires
Thu, 04 Jan 2024 15:10:21 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6FB6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
34703
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 02 Jan 2024 15:10:21 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Jan 2024 05:31:59 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
66140
X-Served-By
cache-lga21967-LGA
X-Timer
S1704208221.379613,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame CCB4 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jan 2024 15:10:21 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame F298 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
46e6c973ffd566bf3b7013cd044a830370bfdae4babff3b0ba172b2c0587daca

Request headers

Referer
https://www.app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&domain=www.app.bigonline.top.enquetebbb.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.app.bigonline.top.enquetebbb.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
432261
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 6FB6 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
an-x-request-uuid
3faa69fa-2db4-4135-a4bd-e99a3aea931e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.132; 5.181.234.132; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame F298
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=4d7ab853-5158-4b62-987f-d38cb76dc1f6&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=4d7ab853-5158-4b62-987f-d38cb76dc1f6&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=4d7ab853-5158-4b62-987f-d38cb76dc1f6&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame F298
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIwMjg5NTIyOTQ5MDAxNTgwODAyMA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F298
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIAGovYdsXXaLUqWB_br8yQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIAGovYdsXXaLUqWB_br8yQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEIAGovYdsXXaLUqWB_br8yQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F298
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIwMjg5NTIyOTQ5MDAxNTgwODAyMA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIwMjg5NTIyOTQ5MDAxNTgwODAyMA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MjIwMjg5NTIyOTQ5MDAxNTgwODAyMA%3D%3D
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame F298 		0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2202895229490015808020&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:21 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 250065CE916B4CBDB63FAB6812EC884E Ref B: EWR30EDGE1016 Ref C: 2024-01-02T15:10:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9+Wxu9/74sxIkKDU3g==
xuid
eb2.3lift.com/ Frame F298
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2202895229490015808020?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-3yPWqKxE2oRqmqZ30aysPaRrll9BO08hT5s.tt9JAQ--~A&dongle=0883
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-3yPWqKxE2oRqmqZ30aysPaRrll9BO08hT5s.tt9JAQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 02 Jan 2024 15:10:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-3yPWqKxE2oRqmqZ30aysPaRrll9BO08hT5s.tt9JAQ--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame F298
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2202895229490015808020&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=ff4e1e93-9c9c-49e8-81f6-f7e440d5b1be&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=93bfb436-344b-4360-95ad-06e591cc36fa&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=93bfb436-344b-4360-95ad-06e591cc36fa&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=93bfb436-344b-4360-95ad-06e591cc36fa&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 02 Jan 2024 15:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame F298
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=69aff782-32d0-43f9-95df-a79b64081b6b&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=69aff782-32d0-43f9-95df-a79b64081b6b&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=69aff782-32d0-43f9-95df-a79b64081b6b&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1073239
content-length
0
expires
Tue, 02 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F298
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=6332561323996420897&dongle=4d58&gdpr=0&gdpr_consent=
37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=6332561323996420897&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
an-x-request-uuid
61cb8767-ba25-4be1-9edb-715b8b4c10d9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=6332561323996420897&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
5.181.234.132; 5.181.234.132; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame F298 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=2202895229490015808020
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
an-x-request-uuid
2a559bb0-72b2-4e2e-8097-231d95e0608a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.132; 5.181.234.132; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CCB4 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a980612a479652ce151246195a0649cd54d87ff147a5742875e076566846f616

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 15:10:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jan 2024 09:44:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66778
Connection
keep-alive
Content-Length
13174
Expires
Wed, 03 Jan 2024 09:43:19 GMT
sync
gum.criteo.com/ Frame FC22 		0
0
usync.html
eus.rubiconproject.com/ Frame 1614
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jan 2024 15:10:21 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 02 Jan 2024 15:10:21 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 51FD
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Drkt%26refUrl%3D%26vid%3D420822149934720981908132310...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=rkt&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=978758894682368887
231 B
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=rkt&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=978758894682368887
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
231
content-type
text/html;charset=UTF-8
date
Tue, 02 Jan 2024 15:10:22 GMT
expires
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 02 Jan 2024 15:10:22 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=rkt&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=978758894682368887
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F3F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.41.168.202 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=124907
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 02 Jan 2024 15:10:21 GMT
expires
Thu, 04 Jan 2024 01:52:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame FC22
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=son&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=son&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=1d65d899-d350-4b66-b9e5-2c328cdf37bf
57 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=son&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=1d65d899-d350-4b66-b9e5-2c328cdf37bf
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:22 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-69
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=son&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=1d65d899-d350-4b66-b9e5-2c328cdf37bf
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame FC22
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472098190813231...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D34720981908...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=opx&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=20c252a1-c4ea-008e-3701-846c2a60d4a1
231 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=opx&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=20c252a1-c4ea-008e-3701-846c2a60d4a1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
231
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:21 GMT

Redirect headers

date
Tue, 02 Jan 2024 15:10:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3472098190813231000V10&type=opx&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=20c252a1-c4ea-008e-3701-846c2a60d4a1
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame FC22
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dr1%26refUrl%3D%26vid%3D42082214993472098190...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dr1%26refUrl%3D%26vid%3D42082214993472...
  • https://ad.turn.com/r/cs?pid=45&rndcb=6355620383
  • https://sync.1rx.io/usersync/turn/3816208842254621055?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-4fdc1d16-84e6-4521-8c38-c4e3c9f4d635-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=r1&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=RX-4fdc1d16-84e6-4521-8c38-c4e3c9f4d635-005
57 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=r1&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=RX-4fdc1d16-84e6-4521-8c38-c4e3c9f4d635-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:22 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=r1&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=RX-4fdc1d16-84e6-4521-8c38-c4e3c9f4d635-005
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX4fdc1d1684e645218c38c4e3c9f4d635005
content-type
text/html
cksync.php
contextual.media.net/ Frame FC22
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42082214993472098190813...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=dxu&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=I9tIXYa11RkGpl5
57 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=dxu&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=I9tIXYa11RkGpl5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:21 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:20 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-03e8869aed321456e@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=dxu&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=I9tIXYa11RkGpl5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame FC22
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=69aff782-32d0-43f9-95df-a79b64081b6b&gdpr=0&gdpr_consent=&us_privacy=
57 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=69aff782-32d0-43f9-95df-a79b64081b6b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:21 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=69aff782-32d0-43f9-95df-a79b64081b6b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1219703
content-length
0
expires
Tue, 02 Jan 2024 00:00:00 GMT
cksync.php
contextual.media.net/ Frame FC22
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=KcnOq21T7oqh8t7QKVrK0
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=&gdpr_consent=&gdpr_pd=
57 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:21 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 02 Jan 2024 15:10:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame FC22
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=qJIo_L6uoQY98nUk1sKb
57 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=qJIo_L6uoQY98nUk1sKb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:21 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:21 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=qJIo_L6uoQY98nUk1sKb
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame FC22
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3472098190813231000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=2edb2acc-8b6e-4721-b9a2-add2bc7dce29&cs=1
57 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=2edb2acc-8b6e-4721-b9a2-add2bc7dce29&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:21 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=2edb2acc-8b6e-4721-b9a2-add2bc7dce29&cs=1
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame FC22
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=4d7ab853-5158-4b62-987f-d38cb76dc1f6
57 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=4d7ab853-5158-4b62-987f-d38cb76dc1f6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.41.168.23 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-41-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:21 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=4d7ab853-5158-4b62-987f-d38cb76dc1f6
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Kestrel
content-length
199
khaos.json
token.rubiconproject.com/ Frame CCB4 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 3F3F 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54771850&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
464c17d13b4a00236b16bac62b8a667e532c4337b13cffd88359317e558b0335

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 15:10:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 1614 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.55.205.215 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a980612a479652ce151246195a0649cd54d87ff147a5742875e076566846f616

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 15:10:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jan 2024 09:44:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66778
Connection
keep-alive
Content-Length
13174
Expires
Wed, 03 Jan 2024 09:43:19 GMT
khaos.json
token.rubiconproject.com/ Frame 1614 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LQWHKIXZ-1S-K9UW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
Expires
0
dcm
s.amazon-adsystem.com/ Frame 9652
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 02 Jan 2024 15:10:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4PS55RPBSPFJQHJCJ4VX

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 15:10:22 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
V865GAER5ABNM0AA9C7V
141
match.deepintent.com/usersync/ Frame A49B 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 02 Jan 2024 15:10:21 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
redir
rtb-csync.smartadserver.com/ Frame 1F62
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEMk1rN0xLRThBQUJhQnVBSUd0dw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAG8307LKE8AABNCGP5LBw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAG8307LKE8AABNCGP5LBw&pid=558502&do=add&gd...
  • https://sync.technoratimedia.com/services?uid=AAG8307LKE8AABNCGP5LBw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_syn...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0F51F0D8D7A04E5A9956C24A7C9B8FD0%26att%3D1%26pid%3D82%26cb%3Dhttps%...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26nuid%3D0F51F0D8D7A04E5A9956C24A7C9B8FD0%26att%3D1%26pid%3D82%26cb%3Dhttps%253A%252F...
  • https://sync.technoratimedia.com/services?srv=cs&nuid=0F51F0D8D7A04E5A9956C24A7C9B8FD0&att=1&pid=82&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG8307LKE8AABNCGP5LBw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 452C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6332561323996420897&gdpr=0&gdpr_consent=
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6332561323996420897&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
f144fbb9-32de-4795-b8d3-e522feeb83e7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6332561323996420897&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
5.181.234.132; 5.181.234.132; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame CB96
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZQnXgALbPhVDwAM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lga21930-LGA
x-timer
S1704208222.080529,VS0,VE8

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Tue, 02 Jan 2024 15:10:22 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZZQnXgALbPhVDwAM
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-lga21930-LGA
x-timer
S1704208222.028777,VS0,VE7
Pug
simage2.pubmatic.com/AdServer/ Frame A657
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=0c7a8128-a981-11ee-b025-3aa31ae7699e
42 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=0c7a8128-a981-11ee-b025-3aa31ae7699e
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Tue, 02 Jan 2024 15:10:22 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=0c7a8128-a981-11ee-b025-3aa31ae7699e
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
Pug
image2.pubmatic.com/AdServer/ Frame AB4C
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eo9omX6NZMhhiTTIftt8nXSPZMth2GWefo_OOAyS
42 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eo9omX6NZMhhiTTIftt8nXSPZMth2GWefo_OOAyS
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 02 Jan 2024 15:10:22 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eo9omX6NZMhhiTTIftt8nXSPZMth2GWefo_OOAyS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame A3EB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_74a2899f-faff-4b16-8443-c37c471059fa&bsw_param=93bfb436-344b-4360-95ad-06e591cc36fa&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 15:10:22 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=93bfb436-344b-4360-95ad-06e591cc36fa&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 141F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dISjD0srWlVGuKnQKPQfawW16oQ&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dISjD0srWlVGuKnQKPQfawW16oQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jan 2024 15:10:22 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=dISjD0srWlVGuKnQKPQfawW16oQ&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame DF24
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I9tIXYa11RkGpl5&gdpr=0&gdpr_consent=
42 B
449 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I9tIXYa11RkGpl5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 15:10:21 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:I9tIXYa11RkGpl5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-051c0a4447cc8f486@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame BB0E
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062845345747366
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062845345747366
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 02 Jan 2024 15:10:22 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=968062845345747366
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 284C
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=1f2cbe04-e350-4a1b-bfe3-e8bf6e1bd91a&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=35E1EA24-50D0-4671-87F2-3C38672EF919
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=35E1EA24-50D0-4671-87F2-3C38672EF919
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.179.229 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 02 Jan 2024 15:10:22 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 02 Jan 2024 04:28:14 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=35E1EA24-50D0-4671-87F2-3C38672EF919
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
a.tribalfusion.com/ Frame 593F 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 81A3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 15:10:21 GMT
expires
Tue, 02 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
790054
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 2D54
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa2c4f5affb9542f5a5edfa8e79a3daf5
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa2c4f5affb9542f5a5edfa8e79a3daf5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUa2c4f5affb9542f5a5edfa8e79a3daf5
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame FAE6
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871933295840
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871933295840
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871933295840
/
csync.loopme.me/ Frame 3559 		0
0
cksync.php
contextual.media.net/ Frame 3AD2 		57 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472098190813231000V10&type=pba&refUrl=&vid=42082214993472098190813231000V10&axid_e=&ovsid=35E1EA24-50D0-4671-87F2-3C38672EF919
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
57
content-type
image/gif
date
Tue, 02 Jan 2024 15:10:22 GMT
expires
Tue, 02 Jan 2024 15:10:22 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3F3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=NeHqJFDQRnGH8jw4Zy75GQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
23.41.168.202 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:21 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=124907
accept-ranges
bytes
content-length
5622
expires
Thu, 04 Jan 2024 01:52:08 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 3F3F
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=35E1EA24-50D0-4671-87F2-3C38672EF919
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=35E1EA24-50D0-4671-87F2-3C38672EF919
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=db5ba070-3deb-4b92-b31a-f5682e9566ca%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d7ab853-5158-4b62-987f-d38cb76dc1f6&ttd_puid=db5ba070-3deb-4b92-b31a-f5682e9566ca%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d7ab853-5158-4b62-987f-d38cb76dc1f6&ttd_puid=db5ba070-3deb-4b92-b31a-f5682e9566ca%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=4d7ab853-5158-4b62-987f-d38cb76dc1f6&ttd_puid=db5ba070-3deb-4b92-b31a-f5682e9566ca%2C%2C
date
Tue, 02 Jan 2024 15:10:22 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 3F3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2035E1EA24-50D0-4671-87F2-3C38672EF919&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 3F3F 		37 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=35E1EA24-50D0-4671-87F2-3C38672EF919&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzVFMUVBMjQtNTBEMC00NjcxLTg3RjItM0MzODY3MkVGOTE5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECC1rpmclmVZp-RAejYm9qA&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECC1rpmclmVZp-RAejYm9qA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECC1rpmclmVZp-RAejYm9qA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:567BC08123CD485C8973D889F7E7AB94
42 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:567BC08123CD485C8973D889F7E7AB94
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 02 Jan 2024 15:10:21 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:567BC08123CD485C8973D889F7E7AB94
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 15:10:21 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=
42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Kestrel
content-length
355
35E1EA24-50D0-4671-87F2-3C38672EF919
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3F3F 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/35E1EA24-50D0-4671-87F2-3C38672EF919?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.250.107 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=35E1EA24-50D0-4671-87F2-3C38672EF919&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-STZHgNNE2uV9yKUz.YvLNi1z2WLNtC0-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-STZHgNNE2uV9yKUz.YvLNi1z2WLNtC0-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 04:40:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-STZHgNNE2uV9yKUz.YvLNi1z2WLNtC0-~A&gdpr=0
date
Tue, 02 Jan 2024 15:10:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bd847c17-7e2d-48e8-9b18-025969320754&gdpr=0&gdpr_consent=
1 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bd847c17-7e2d-48e8-9b18-025969320754&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 04:41:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=bd847c17-7e2d-48e8-9b18-025969320754&gdpr=0&gdpr_consent=
Date
Tue, 02 Jan 2024 15:10:22 GMT
Connection
keep-alive
X-CI-RTID
bff19c01-f048-469c-a112-263e71e991aa
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=64cf5b5e059410b7&is_secure=true&networkId=17100&version=1&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGnZrV6UcdHQNGH7rUAAAAAAA&expiration=1704294622&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&...
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGnZrV6UcdHQNGH7rUAAAAAAA&expiration=1704294622&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:22 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGnZrV6UcdHQNGH7rUAAAAAAA&expiration=1704294622&nuid=35E1EA24-50D0-4671-87F2-3C38672EF919&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sn.ashx
pmp.mxptint.net/ Frame 3F3F
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33646_10EA9CF04_36ED3793&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
204.2.226.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-387213022; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:21 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-387213022; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 3F3F 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.133.245 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4032381624368404863&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4032381624368404863&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4032381624368404863&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=12530211-b7d9-41fc-ac8b-877bd98f51b4-6594275e-5553&gdpr=0&gdpr_consent=
42 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=12530211-b7d9-41fc-ac8b-877bd98f51b4-6594275e-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
162.248.18.37 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=12530211-b7d9-41fc-ac8b-877bd98f51b4-6594275e-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3F3F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1715222514944240407
42 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1715222514944240407
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472098190813231000V10%26type%3Dpba%26refUrl%3D%26vid%3D42082214993472098190813231000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 15:10:22 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=1715222514944240407
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cksync.php
contextual.media.net/ Frame 1614
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LQWHKIXZ-1S-K9UW
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWHKIXZ-1S-K9UW
57 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWHKIXZ-1S-K9UW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 15:10:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:22 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWHKIXZ-1S-K9UW
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Expires
0
pixel
cm.g.doubleclick.net/ Frame CCB4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJiOGQ0NzU4MTA1YWE1ZWE1OWM3OGM0M2M2ZDVkZGExODc3MjAxZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJiOGQ0NzU4MTA1YWE1ZWE1OWM3OGM0M2M2ZDVkZGExODc3MjAxZg
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ODJiOGQ0NzU4MTA1YWE1ZWE1OWM3OGM0M2M2ZDVkZGExODc3MjAxZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9a0c641c0479142b55591fdf2031b15f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CCB4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=4d7ab853-5158-4b62-987f-d38cb76dc1f6&gdpr=0&gdpr_consent=&expires=30
date
Tue, 02 Jan 2024 15:10:21 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame CCB4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5y1yfIRFBqUjFq9OgU_t4cn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YMNXvq1E2oLRDWUf3BqmMoxOyoy8VzR0u7kTiQ--~A
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YMNXvq1E2oLRDWUf3BqmMoxOyoy8VzR0u7kTiQ--~A
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 02 Jan 2024 15:10:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-YMNXvq1E2oLRDWUf3BqmMoxOyoy8VzR0u7kTiQ--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame CCB4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=M8R9yD6OQrinKUWezOni9g&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M8R9yD6OQrinKUWezOni9g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M8R9yD6OQrinKUWezOni9g
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y3SVD23CS2B427DTPAET
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=M8R9yD6OQrinKUWezOni9g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame CCB4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iaykGq6hQzWQtoXf1aOg0Q&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iaykGq6hQzWQtoXf1aOg0Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iaykGq6hQzWQtoXf1aOg0Q
Protocol
HTTP/1.1
Server
67.220.226.234 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JK6SQEZ9YEQKDY1YXKST
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=iaykGq6hQzWQtoXf1aOg0Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f69a50991384d09413b97a37bb74928b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CCB4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHk9GIz6w9VbtQg-n1Gnq1I&google_cver=1
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHk9GIz6w9VbtQg-n1Gnq1I&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHk9GIz6w9VbtQg-n1Gnq1I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CCB4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFXSEtJWFotMVMtSzlVVw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF-zZ41QIkSVXn5DKmkvsHU&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXSEtJWFotMVMtSzlVVw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXSEtJWFotMVMtSzlVVw==&google_push=
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:22 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXSEtJWFotMVMtSzlVVw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
Expires
0
ecm3
s.amazon-adsystem.com/ Frame CCB4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQWHKIXZ-1S-K9UW&ex=d-rubiconproject.com&status=ok
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQWHKIXZ-1S-K9UW&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.128.147 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5SZ89Q0CTE5KNW1YDYPH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQWHKIXZ-1S-K9UW&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
setuid
px.ads.linkedin.com/ Frame CCB4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWHKIXZ-1S-K9UW
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWHKIXZ-1S-K9UW
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:21 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: B96A21BFE5D34CDCB8E261D25CD6802E Ref B: EWR30EDGE1016 Ref C: 2024-01-02T15:10:21Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9+WxGK5UScS4DF8HIg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWHKIXZ-1S-K9UW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame CCB4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG8307LKE8AABNCGP5LBw&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG8307LKE8AABNCGP5LBw&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAG8307LKE8AABNCGP5LBw&expires=30
Date
Tue, 02 Jan 2024 15:10:22 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame CCB4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61b749d6-64df-4351-a127-8c44ff4dcb8e&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61b749d6-64df-4351-a127-8c44ff4dcb8e&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5e07703167439847c6c49a939083c0fd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=61b749d6-64df-4351-a127-8c44ff4dcb8e&expires=30
Date
Tue, 02 Jan 2024 15:10:22 GMT
Connection
keep-alive
X-CI-RTID
809b3d5a-131a-4442-a29c-8b4f95805d61
Content-Length
144
Content-Type
text/html; charset=utf-8
cksync
hb.yahoo.net/ Frame CCB4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQWHKIXZ-1S-K9UW&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQWHKIXZ-1S-K9UW&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1URFcwVXN4RTJ1SHYwZnhZZTMwbFJ6dkNQR2s1Y2NYNX5B&ovsid=LQWHKIXZ-1S-K9UW&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1URFcwVXN4RTJ1SHYwZnhZZTMwbFJ6dkNQR2s1Y2NYNX5B&ovsid=LQWHKIXZ-1S-K9UW&dpid=58160
Protocol
H2
Server
23.204.152.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 15:10:22 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 15:10:22 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1URFcwVXN4RTJ1SHYwZnhZZTMwbFJ6dkNQR2s1Y2NYNX5B&ovsid=LQWHKIXZ-1S-K9UW&dpid=58160
date
Tue, 02 Jan 2024 15:10:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
capi.connatix.com/us/ Frame CCB4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQWHKIXZ-1S-K9UW&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQWHKIXZ-1S-K9UW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQWHKIXZ-1S-K9UW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
172.64.146.152 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83f3edacb8c9c3fd-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 02 Jan 2024 15:10:22 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQWHKIXZ-1S-K9UW&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83f3edac7861c3fd-EWR
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
merge
ce.lijit.com/ Frame CCB4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQWHKIXZ-1S-K9UW
  • https://ce.lijit.com/merge?pid=80&3pid=LQWHKIXZ-1S-K9UW&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQWHKIXZ-1S-K9UW&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:22 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 15:10:22 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQWHKIXZ-1S-K9UW&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame CCB4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQWHKIXZ-1S-K9UW
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWHKIXZ-1S-K9UW
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWHKIXZ-1S-K9UW&ckls=true&ci=T8c6bYP4Ni&nc=false&trid=-2114266178
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWHKIXZ-1S-K9UW&ckls=true&ci=T8c6bYP4Ni&nc=false&trid=-2114266178
Protocol
H2
Server
52.85.132.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:23 GMT
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Bal785nO7_A9IY2cHYa7-1uPBPLGSzL-h8c26niFkeLlf0V8pZ75vw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:23 GMT
via
1.1 09028890675e48687e2855f3bdad98ea.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWHKIXZ-1S-K9UW&ckls=true&ci=T8c6bYP4Ni&nc=false&trid=-2114266178
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
-66CRwo0PYEhFGht2swHrqazGtMYBHoeTSJdn0WdjihlD2Qkqrd0sA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame CCB4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWHKIXZ-1S-K9UW
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWHKIXZ-1S-K9UW
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:22 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWHKIXZ-1S-K9UW
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ptmd
dts.clnmde.com/ Frame 8510 		70 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=170420821911933122256112_N4IgHgZiBcIMYGYBsBOARihaAmEBMEKA7AAwAsC2SCJJAHHHWgKx5zM0gA0IAzgC4BDfgFdeMANo0AujwBegmAEYeABwDmMEADduIdQAstS0mTz08SlEqsIESvI+ZIbePdvGwkAOhLfmRG48ggA2MAg8EHAwALQqIACm-ACWxqbmdJYoenBw2FoAqgDKegKa0CQ8vADWaeQZWQD6dGRkLnjMZiR4RHoJyapazN5KdEreeAhkIwhBOgkATlqqCwD2+TwJIorQ8SKpu5vaYdASoAB2ggC2CVpoydjYi40PetjCO6D3j8+vsG0kdzJF75WAmeoWUZ4OjMTpIMgobIAXyRXAu11usEEcFePHeQhgoGxfxA2M6CACZDgggSZAgCUYgmYUUCEBpuTw2DwaDoQJBdS6mShMLhCORSNkIFUHkkIBIAAJzGQFUoQJLeCEBAKGlYlPQ9CEoIcQGgQvwYPCeHAxPx+bA6ABhAoAFQAGi53XySeDBZZMiK2mK9Oport0hZHCYyDwAI6Y+IQA4kJFAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
async_usersync
ib.adnxs.com/ Frame 6FB6 		0
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 15:10:22 GMT
an-x-request-uuid
2eb10721-d2c7-484a-b8a5-8d5901598f41
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
5.181.234.132; 5.181.234.132; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ptmd
dts.clnmde.com/ Frame 8510 		70 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=170420821911933122256112_N4Ig7gHg5iBcIAYBGB2AzAgrAUwCYBYlcVs0BDbATgGMBGBfFAMwCZ9bNclaA2SkADQgAbrmpwQASQB2AF2wAbAAQzqAOhVzFKgE4BLAM5KA8gAds0gOIAZJQFFpUPdOyCQAKwCucWkPfSJfDJ8bAAOMjEWBB4+FFDQyhY0FEw0UKQmINomamoUN3ckCTIyWlQmBBZcMhJaXFCUfEoeJDJMFmoWWnw0WgxxITIICQS0XFo++hQUMjQkUJZp-FweTB4Z+lwWbDIENygFU2LQghSCQnZS7HWkXpRE9h4e9YS3JjI4AG1kzFCp0LWAnooQECFB4LBkIh0KhkIAukJ3gY4DwhAALNFfXwsTAIkBMJhwMEgTzeWC0SiURHCCRuAyyMiyTzI2CfaSeBQKAQ8ME8Fjc-DctACHF4gBeH3JQlMMHgNKEUEx8FoKAYUQWFImlDQvRYerWExYbmELJAPDUCDUmBQRsGCjgwvx4lgAFpfCBsLI9BIVWqEBr+EJcrgJABVADKdNksuJBgA1j7Vfh1V1KAB9UL4fA8Wg45OVfJCbB6I7wTBqWh-NRJfAVtC2kTYHQSUw6AD2IaLnkl7s83qlHuE9tZoGkZAAtq54Eg9LhcE207O3NUGXBQDO5wul-Bs3shMI9IuQ8qkynKywAZhs01+ABfW8CUcTqcgMjUJdCFeS0Bv7ev6hXmg1r4NQFD4Ew2DUOEmA5Da7yQZ0WzzMah5-r6+Yagsl7XpSID3nipgml8eIGAo9KJn6AbAm4CiEgOSAKLIKKCiA1DMrIR4jAAwqGAAqAAaOaCShnEnpRXRYZgV5PLhCrOuhKZ6vELEAI5Tu6TD9ggt5AA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 15:10:22 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNoswzxJ5QCJw2Qcf-0KlClR6kX-awXg5PlOYhygf9cP6UqyyBFx3x1P6g0YSewl2TCjNpqRu8jX_toREhhydPn2YrfQ-NM0bzmvAYbk9VakcZYhECjZ3V&sig=Cg0ArKJSzN6E5gJlkckzEAE&id=lidar2&mcvt=1001&p=1245,436,1339,1164&mtos=0,882,1001,1067,1184&tos=0,882,119,66,117&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=2440819915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704208218643&rpt=425&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.app.bigonline.top.enquetebbb.com.br%2F&domain=www.app.bigonline.top.enquetebbb.com.br&cw=1&pbt=1&lsw=1
Domain
gum.criteo.com
URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir?partneruserid=AAG8307LKE8AABNCGP5LBw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture function| gtag object| dataLayer object| googletag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| GooglebQhCsO function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery function| setImmediate function| clearImmediate function| swal function| sweetAlert function| Swiper function| OneSignal function| SmartBanner function| _extends function| _typeof function| LazyLoad object| lazyLoadInstance object| _ppads object| _pbjs number| __oneSignalSdkLoadCount function| __jp0 object| _pbjsChunk object| mnet object| Criteo object| GoogleGcLKhOms object| google_image_requests object| FB object| __buffer object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 function| Navegg object| naveggReady object| nvg46575 function| nvgGetSegment function| ltgc

50 Cookies

Domain/Path Name / Value
www.app.bigonline.top.enquetebbb.com.br/ Name: PHPSESSID
Value: 98be69816c892ee5fd1bf06c9c8dc622
.onesignal.com/ Name: __cf_bm
Value: nqzv3QLmqNzo5JJJ_tGq1cA4EE1vKeJxb27eYzqzhxA-1704208213-1-AVbIGSImkGm4gC07YLkmjHfAjfpdKLEu17Eas+g0txjAiPbIiCJiavEPkisMl7XBv96cwJOeR6Do6RSw8oiQQ30=
.enquetebbb.com.br/ Name: _gid
Value: GA1.3.24468801.1704208213
.enquetebbb.com.br/ Name: _gat_gtag_UA_112625574_1
Value: 1
.enquetebbb.com.br/ Name: _gcl_au
Value: 1.1.535845015.1704208214
.doubleclick.net/ Name: IDE
Value: AHWqTUkXKpvSsIX5o3T_HyQZX4wAwaVW2uHMraQl4C_gWOZxo9MclRy-JAvWL1cx
.enquetebbb.com.br/ Name: __gads
Value: ID=2c422f06042f1f3b:T=1704208214:RT=1704208214:S=ALNI_Mam5TtDo-sAkGCXPKTdMpk5MDgtzA
.enquetebbb.com.br/ Name: __gpi
Value: UID=00000db0485054bf:T=1704208214:RT=1704208214:S=ALNI_MZZ7NWDSiKb8PmYeDuSb2XWo6HCbA
www.app.bigonline.top.enquetebbb.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.enquetebbb.com.br/ Name: _ga
Value: GA1.3.943506077.1704208213
.3lift.com/ Name: tluid
Value: 2202895229490015808020
.blismedia.com/ Name: b
Value: 659427570F3CEE7434C34F4DBLIS
.inmobi.com/ Name: idsp_c
Value: cd40bc43-a59b-43a0-aa68-c2ccfec915a6
.teads.tv/ Name: tt_viewer
Value: 0281ea6c-2b75-4099-9d6c-a1a7eb1c0e0f
www.app.bigonline.top.enquetebbb.com.br/ Name: nvggid
Value: null
.rubiconproject.com/ Name: khaos
Value: LQWHKIXZ-1S-K9UW
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcK7Q/jHCVf42lMG4C6D/t+3x5H4/Al95QU/ybvdeqGenn+nWrMf5yzxMd09tua3MTG3ksPCnRP4vj98ub/ixONupveulMc93vhGBLsuh3fnviYbB5SW5XQ3fTDCR74EIi0ijy0RC4Zd8Ri5j99IjSR+
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A9942F91-5672-438C-0175-D864856B4B29%22%7D
.adnxs.com/ Name: uuid2
Value: 6332561323996420897
.zemanta.com/ Name: zuid
Value: qJIo_L6uoQY98nUk1sKb
.googleadservices.com/ Name: ar_debug
Value: 1
.yandex.ru/ Name: yandexuid
Value: 2163445021704208216
.adnxs.com/ Name: icu
Value: ChgIqvN4EAoYAiACKAIw2s7QrAY4AkACSAIQ2s7QrAYYAQ..
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.criteo.com/ Name: uid
Value: 69aff782-32d0-43f9-95df-a79b64081b6b
.criteo.com/ Name: partitioned_bundle
Value: TYDfYV8yNCUyRm43anM2cDdFN1U2JTJGYk5kZUgxRmMlMkJmbEU2N2NpczAzcGw2TmpZQ1U3dlBhb0ZxeHVzV1YyYk1lYWpFQmQ1UDklMkZEJTJCMERFQ1ZXZWsxOGhWend4Zng1OEFLT01jdGloV3JnRTJVVU5zb2pQSktkUFNFSW5IVTZoWUttZSUyQjlTY2VqbG1TQjVXTUtnJTJCMlclMkJETzNnaDhhMDdlRzdDV1VnN2xJbTYxTjE5V0VZbkZkczBsU0ZUZDMlMkJTZiUyQjJPRnZyag
.enquetebbb.com.br/ Name: cto_bundle
Value: 1UIDyV8yNCUyRm43anM2cDdFN1U2JTJGYk5kZUgxRmMlMkJmbEU2N2NpczAzcGw2TmpZQ1U3dlBhb0ZxeHVzV1YyYk1lYWpFQmQ1UDklMkZEJTJCMERFQ1ZXZWsxOGhWend4Zng1OEFLT01jdGloV3JnRTJVVU5zb2pQSktkUFNFSW5IVTZoWUttZSUyQjlTY0xFRlJBaVklMkZVdWVBeEJWeXFpQWw5WCUyRjIzRENHSldLR0piU1B1dGkwQWVrJTNE
.enquetebbb.com.br/ Name: _ga_RQSNYVQKT8
Value: GS1.1.1704208213.1.0.1704208218.55.0.0
.adingo.jp/ Name: ID
Value: 686c4656f8f7e8ac286054e44f681ef4
.openx.net/ Name: i
Value: 8a8ee92d-fe6d-47c9-a5d0-412ded0d5681%7C1704208219
.w55c.net/ Name: wfivefivec
Value: I9tIXYa11RkGpl5
.bidswitch.net/ Name: tuuid
Value: 93bfb436-344b-4360-95ad-06e591cc36fa
.bidswitch.net/ Name: c
Value: 1704208219
.bidswitch.net/ Name: tuuid_lu
Value: 1704208219
.mfadsrvr.com/ Name: tuuid
Value: 2edb2acc-8b6e-4721-b9a2-add2bc7dce29
.mfadsrvr.com/ Name: c
Value: 1704208219
.mfadsrvr.com/ Name: tuuid_lu
Value: 1704208219
.w55c.net/ Name: matchgoogle
Value: 5
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn
Value: 1704208219_844612542027
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1704208219_844612542027_8b2087b102c9e3e5ffed1c1478ed8b78
.mfadsrvr.com/ Name: ssh
Value: !google,1704208219
.media.net/ Name: visitor-id
Value: 3472098190813231000V10
.tribalfusion.com/ Name: ANON_ID
Value: adntuJuyTYEBErv6XromlMNgDZbklvk0Zd6YHC2JR2bBxDQZcBV8TWcJIU16FcZa4Zdb0Zc5K6a2aAVXMTDR79FR9cidVx
.pxlclnmdecom-a.akamaihd.net/ Name: bafp_t
Value: 0adf5d70-a981-11ee-a247-455d927acf39
.media.net/ Name: data-g
Value: CAESENxkVdxal073RXHB9El1Avo~~6
.navdmp.com/ Name: ac3
Value: 1
.navdmp.com/ Name: nid
Value: 13e945ad4c05d9214ab15bce4a10|1|32
.enquetebbb.com.br/ Name: nvg46575
Value: 13e945ad4c7c870e52d8ced31810|0_3
.yahoo.com/ Name: A3
Value: d=AQABBFwnlGUCEPbvU6Y1IfIKaRc-tvVTEZcFEgEBAQF4lWWeZdxC0iMA_eMAAA&S=AQAAAgxPQTOd6TTKeAidNTVvPfQ
.mathtag.com/ Name: uuid
Value: 67366594-275c-4500-817e-47d30d29f553

3 Console Messages

Source Level URL
Text
other warning URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true(Line 14)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%2035E1EA24-50D0-4671-87F2-3C38672EF919&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

73aa2e4ade87283e8c0a6a43230511cd.safeframe.googlesyndication.com
a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.travelaudience.com
analytics.google.com
analytics.pangle-ads.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bidder.criteo.com
bs.yandex.ru
c1.adform.net
capi.connatix.com
cc.adingo.jp
cdn.navdmp.com
cdn.onesignal.com
cdn6.votarenquete.com.br
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
cs.media.net
csync.loopme.me
dis.criteo.com
dts.clnmde.com
dts6.clnmde.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hblg.media.net
ib.adnxs.com
id.navegg.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
lg3.media.net
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mug.criteo.com
mweb.ck.inmobi.com
onesignal.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
sonata-notifications.taptapnetworks.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.navdmp.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync1.intentiq.com
sync2.navdmp.com
t.adx.opera.com
tag.navdmp.com
tags.premiumads.com.br
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usr.navdmp.com
warp.media.net
www.app.bigonline.top.enquetebbb.com.br
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
a.tribalfusion.com
csync.loopme.me
gum.criteo.com
pagead2.googlesyndication.com
rtb-csync.smartadserver.com
100.24.202.120
13.107.42.14
131.153.148.2
142.251.111.155
151.101.193.108
151.101.66.49
159.127.42.236
162.248.18.37
172.253.63.154
172.64.146.152
173.231.178.83
174.129.160.16
185.167.164.49
192.184.68.254
199.38.167.130
20.253.86.149
204.2.226.29
207.198.113.203
23.200.0.22
23.204.152.232
23.209.57.154
23.222.12.11
23.41.168.202
23.41.168.23
23.46.156.31
23.55.204.206
23.55.204.22
23.55.205.215
23.73.244.44
2600:1901:0:cba2::
2602:803:c002:200::32
2606:4700:10::6814:e280
2606:4700:20::681a:f79
2606:4700::6810:ef3
2606:4700::6812:18ad
2606:4700::6812:d63b
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c07::8b
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c08::68
2607:f8b0:4004:c09::8b
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c19::84
2607:f8b0:4004:c19::9a
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::84
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2a02:6b8::90
2a03:2880:f003:c0e:face:b00c:0:3
3.162.103.34
3.232.179.229
3.33.220.150
34.111.113.62
34.111.96.116
34.120.63.153
34.150.170.96
34.198.133.245
34.200.65.202
34.96.105.8
34.98.64.218
35.190.0.66
35.207.24.140
35.211.178.172
35.211.233.246
35.227.252.103
38.91.45.7
40.76.134.238
50.116.194.21
50.17.250.107
50.31.142.63
52.223.22.214
52.45.111.235
52.46.128.147
52.5.107.83
52.73.64.253
52.85.132.4
52.85.151.4
54.146.141.15
54.225.192.239
63.251.86.51
67.220.226.234
67.225.224.10
68.67.179.155
69.166.1.35
69.173.151.100
69.194.240.13
69.90.254.78
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
8.28.7.84
82.145.213.8
003413439cb5fa037d219b2635432a0488e406bd27a20ffc71543973b22ca10c
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
01f0ead0b5f2aba10c679daeed7f18e6070d8cfaa8255423c9da22a893285e1d
039d91176ca6763d27e628f8e20c7a4790d19c82cdefdec5047f3b891403cc83
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
078fb63c950a96d87ef24f2e116dea03aca44344d7fd55a34d649086564c684a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
087ac2cab95b209141be74e4b3a5adb057c721d2f2e77a4bbf0ad60a57d3ebb3
0a240374189c0cfee648961e22170af4fc1f226d11b4d153a100910b635c5062
0a6dfa0d3738f6f7c8db76d2e046e54a1b1ea824a6527c750634a086be2d19e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2bdea3699a8538b5e8cfa72687e278626ac46810f37efd8ee2ad9094fd7beb
0db0816189f28073f4a681325637f06ae07bf131d6b57f33cfa0cbfac8ada663
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fc9a044e1a485e8b096cb51e1df341b9894eaece7e01b1aeb15e3eab5da7806
129276a00b127cbaeffb739b9a04904059a1368388f33cae90dc90385d1cbb23
12b9cd65f98d1ffaf02a4df14d27d10be674d9f5888cc2b4a89466ec0b45ac6e
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
174c0e3c6a3d5d2c38065fe2beb7e10c00302808f851552540e8c856606524ad
182083c2af568f88138fac088315f89acc4b94866b0c423ce78c04e21e14f857
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1b658ff8e4d433d039884a9ba7ea2f0c858dc3cb151ee16bdfda15dfb9d3c8a1
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
24e9ed9eab09216ff15ca9714caf4c6334d318b0997bcac6e72c5029d1d93f43
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
25e7647033be574917f1c7cbabd9a7904d2a86ffa207cbbf2a815bf222af8dd0
25fdb817b24a548c69cd32f1420fb6a4e20a0aaf760b88c9a3179023a7432396
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
2c074ad617a3ea40210fbc130391b88b76a81a519f22bca1977d4739a87c6bfc
2e1808ad68a7f5f4999f152886b4963a9e640f59392f73360af73860cc6a71bf
2f1e52f6d470035f5c81553858e7581636a3079bd9e85a6107737af4badec51a
2f256611f838d74f92a96fe6469e05ff8dd9151e38a12d784cdcc7511f3938e0
2fda69f83698c870c477234b9495b934eae216985e3bf1568bcd689a7374d8f3
30ad80a600b73262c78de8ec983ae03d362c526589332ad482353bc4306bd7d0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b0d2b1ef56d48131221c07e77ee1f9b15708a7e5c4f2c610114d51bca8c42f
33ab8bb5e53bb6e27d876495d09f98a116cc192093ea383e627491c40b68a79a
34419ecac23d0389a78f87d82543d68177399ad204ea5f0fdf677ee51cd1ef1a
347c1aa4c3fc3dfe7f611d1f237b919e6e500e0c5e582920d380d8d5b5787e4e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
39e3ef73ff0b59272612c80d063080bcbf58779356cc481a831e1c7117ecabb1
3a346f30e14e7c8487fa01587df5d007dfc8fd3142cc29616be900f727a476f8
3c31f594d2c133ec20aef3e2def5e3ab3f136c84d536972fe074040a3873933b
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de9f5231882b16bddccb492d140b88a3b7b2fd80d36c3f9d382b821779515c2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0286b191e52b5e7af22af3a3056958fa411c8a7861ec57eb4d5c96d39314d6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40572fd0ffc5ae5e4b0c0a7d8d048532e7c149cc9511b78503965e795bed1f25
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42df22c7b1ffc073e52506eeaa1c4e96a1d2530a90dc6aec4737c24a4cfd6498
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4601a643331e142e3a4952eb54b66cf953f1dfad9b13574c5b5d47a069d949b3
464c17d13b4a00236b16bac62b8a667e532c4337b13cffd88359317e558b0335
4681a04a6c7cd99ed9ca47bcffec8db68bbf574c1cfe687882cc3e3ed0c2948f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a0243b7af18e28661c127f50884b9ee8c27181051f62bd70d8b3fe67e207d2
46e6c973ffd566bf3b7013cd044a830370bfdae4babff3b0ba172b2c0587daca
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4149b0e07b9b44d0160db3863ddf0a1e998b7f7d581975d836436b4b4eca49
526afcbe3c762fd5a67f0ca4794db46f8894819f5058c5c8d4dd46bc3daa4d92
540d6f08352356a2fa8295bba13480832cb09030e6801b320e74c64519824a86
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576868c925dedc43d47345bd0b908e1668e1c041a612cdbeecaf0d88d7a9c439
59939eae4e501705c72f26fd2f797e063d4786093438c8ceef7eccdae15e8e26
59ba03a159f5d0adaf5cc34aa67bd34884b8fab72a1e351b296fb2308f77de58
59e8ad12b4bac2b2d58910f2a1e0a194b36426b0cf1905e29a7c5f801251880c
5abe8d796c549abaa421b31ab43cd327c756bab9695e8bbce0f31e56eaade7a8
5bdcf678abb8a73759456ff6fb7dabb881747700dc5232ab3a1ea86821fc5219
5bde678aec4128d1b2a5b6259a78e64ea899428d477746daf23eae910d425507
5f15ce32c4d4615fd46480fa919b2bdd7ccfeeb07ddfa43a2bd61c2b1b5483fa
601b37db618f94ca70bd1d16390d3fea996fe6c956bee4a2a93d817dfc255cbb
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
610554458215a321f3626a2bb8c3d2c2043d243e9d91e6ececb655e0fc2db731
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62373de6691128ad6c9e5f24fb08d0b8f479fd129412823d1d4d2bfff1e2302b
629a57f15e91bba3f69bbcdff3fcdca27d1fae96df4e4fdbcb11c4fbb53d3eb7
63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
642163837ac4d8942998e53ec8397ec225564a757750e3c69369887840e71afe
64493b7677f4b236fbcbed15196c5ad541766733376b49b2d737a08869a07704
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66459edfc739be4f517ce02992bde40cdc3fa3e93a5496d36c12a128c4e76e1c
68a44c46b86abf326a6a6cdc7444fab6bee35be515caeebb1cd610a397423ae8
69a8bbf88282d2cf6e4f975cf238fd71adec2a5c98195bfb7a9a86d888b80b79
6d9778bc3f894f02e1907f4e2c4caae7f442521ccb76376958ea06ca7d3472af
6e1b8b583d4068489212557262d9735145414de6940f1a15460dcd2f8047d1c7
71f12eea2915dc092e1d2221e5fbbb42946a7331f046d0ec20c29c0a314ff738
73181e5e5e7e3a3c4588bf0dd9a1b94c5d7e82e7f6b7bc5d6ede575f802f179c
732675cfccf977f7fab5b4cc351efb9fbc17a868da78114b484f80b0d53fc281
763621a0d305c29ece369ed561eaf469c8b517172996290c6afe2c29838ffae3
7713dffabca932ae870e1aad59653270cdfd64f186851dcc0e89774b76ee6ce7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b58dca8d2bca84efb6181b26258351c3f4d800c45078b105226d5796736d2c3
7bc7f37f61c6e04925175ad3bae04e63dc87643550c96bced48b217cde40a99e
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
7f1cb4da0a757ac3935055d6da817f069175f428f7510fba000da662260a1c81
807e84e1168b4e2f461467a2d2b255f8947e8dadaa269e66bf561a7c0ff90bde
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847b69fb54fbe7de0bf6efb3af9d1f458d8632ca866588c4d93e640e115efec2
86acc3626551a828f13f30863d1bf5a88038ba81eecf5425d8f5e30e24702005
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88aed517c658ae00737eca73c1a38f78e180765add89904118bedf520e76e010
890d5eaa10e9bd7b67de7279581e2fe6a2b1c57c37d7baf47b9ed9a73c111f88
8947dad051b2d1e94e13b891490a267a7921292ec30e3c718dc7fe6359df5155
89c77d47c44dfa4ef63a1b3f6eede30f48983f2917fa080835e461c96cba5b02
8b93ae24cca2f1a2435b780a300a519992667c8440bc265564e9e2b20251d4c2
8c3ad591c818cf9f05c1fe47f4184f4f82b017100848a33afdd640b2b8b6f9e5
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d972d00f01af3599d734288860c80b46a626ec9eade36e3b6261ccfa0a20295
8df2c7fec3541500a38d4273e9ea7495225fe2ab86431503df5d866f351f4ca4
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f53a375130a9dcc33b79b95d8e58d5ec02d92e70aac3ef70e17083dda50a7d0
8ff4a30392a3966fe5af95652920fef78fbceaa1f6a8c9f474c28af36de5cc08
9254ffe1310ecb839ed25a69e4cc751bd8e1ab74a964b4c91d67cf3964eae29b
94971ea51716e2fb012fa588c909d8c8794be579262c28dd668a1dc326e5768d
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
993b0443d2036735fb35042c2898020f5acd676d2b1ec333f740bcac5427fb17
9963f6e3cc68a9488f258ee3814be17f6e48d37176ee74cb864a554eaa0abecb
9a03568e65e089a8d0141da6371d935d35b6ea13a8c5af029d9e4e32c6233f3f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c379e4510fbb454d5eefc35758f83750f1824e9cffb24e14fe813d8afbffd9d
9cdb163d229f2eb24fc0db41c72a849104b89d480512570030afbeef56fc2f09
9cf5bfb11685eb7915044939b4ae7c8a9dfd4f8ff521d56e442ee7b8774329cf
9dd5584140f2ec5ed5c5f39b20ba0800c742c6a60b621c97d972b4239fc6b1fa
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a31579de079ace0a7e4bec7f0c489c4a4ddc7e8afc2b9828bbb6896d455e6676
a358b26ef00f7e937fd9baf7269222496202ce0eb3f48614b40de678b3182c7b
a36c24ae7ba241bba601ac4e528f763966998f5b13e533f3288e5ef1272cdb43
a37529be22f4e05f3849b2056b102b8bb8f43a9d89210e12055ef07baeb88e9e
a3cf2d367d36c4f207c93ef1207dd71b196fbffb8f50b78b47bae495ee266ba7
a5c2728e77ced2a8d93431b63c328adfd0900eb8364c82552870de9da43a2233
a6116a5a8278497c8cda48e4a8957ce035b6d09b47a79e7eea58c245e2b53ee9
a6dcd5a1f417759619f6337dab53143957a1811a5919f73955ab3a7066312206
a70770556b3feb3c4a79ddfbb99768e58a262e5a2c744e922d65fc4612a04e61
a980612a479652ce151246195a0649cd54d87ff147a5742875e076566846f616
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf10a29a6e9369fd99a81c3ff0bb8de76316a621a659bade750eb27a980d33e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad5362c5d0eff8b06b4abe5b2148fdc53faf5961e5ba489e345d808ef2567a58
ae64813d3c5cf8a1ae3304ab6fcc80b28a728296984e4289c64aa6d630e06bf5
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b250ef39399eb55f93d850fe15561b82c2c296c7046e9d6690d7d2f95789caea
b2b3e5a8167eed53f147fbf29f1875c8da3d43ce5780d72016427c31f6a04041
b4557d023216781e0a1d45405ca1017817151a258e852f439f870ad6a9a8ac17
b4a6f10015f3f06e90821d3cb9d527a67c51341f52b029cfb034a00d27d2aa32
b77e8da8c14b84a8c0b2a906b58c45f821bb7f25b5708a13b55758790cc8df35
b846f992fafe62de5c30a2305e18015762c3ad534d21163546b616290c4d8209
b9585022f7134cf14cb8be94fdf0c1229322e0d0e5b497dc1d43156203150a6c
ba12e26b15ce7d61fbfa2735f4b66696c663249da878d557a28282389f75e475
ba5e42adc547e443e055c39d421a8955f97c8cd4f726383ce0c87f09779134c4
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdfb63a8bc54a1f786116dd76df21fed408dff0ab65577958009741f9762680d
beecff1ab9cca2203c9e18df18f3146c174efdcc8ecebe6a5995a9a3039e973e
c0265792c154013f2a4b984713dd64686d0d50c2810983b5fff6089e7ae2147b
c05e5b8993e3f1de70c94fb5864edd970728bc72422dd29878287881e1bf529d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c5987c529814bca758deb15c889113e35e87d0fc6fe4788202c326da2dc3559c
c6dbee1e15950de3f157c5074a3696c09914c4b31a7db5d5b8be692a17171046
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
cb1ca001c0178df972a6c5c5235a80208cf54d572682e042bae85456b5bef5cc
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c2360a26fd57ed8e7537ec6a2cb580ddc4701192d80a772420f12014f6f178
d1384ae51e633ed5d189f6ef2383a0d23540c897cd21566cb70155ae8fb1e478
d2b62eac63a8beed205970c42627ef3fda865187eb074a15a22f9591bbc94b6c
d40285f61cf97c481d61f0ccbe1ae23b47ef63cca6822d90eb37f4922cd56f81
d514665695568bb918c9c1265aa93e2542c9d3090ac1480dfee8468d2a2f8e68
d596ca97514cd5cf329cf62a215ee08a23e52bdcbf7880be0b2d453c9c28e4fc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d9a2b1472c2611f0f39e2965d7faee82d99717c347f5c7e52aa9c5f27e0174d6
dae2de437b0de53ae4cd80d3d15bcf5f45fcdb384514eddb1522e782fd8115a7
db5f08f71cb73a6d0b162b0e1e87d59d269e83b2ef414c2b1688ad7831340469
dc2aa58159c56a5e60feea9cb95b6bc6110f8dc824cf6ddfcbae0f4f86199d5a
dce806794f0ab48ebc35bfec3556e08e2835d052e96a759b4b7b8140da78b7ae
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4451c6eb4c78b702515388d134d0ba0ad41aa18e3388f1a592b87cd9cb4f46
dee4776e1767a62698c3a99a1c8c0319a0d1295f001996371fbb2998eb846f2a
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e15550e747885311c9effdb1722fbfae193d29eba419ec65122678c4add2f3ea
e19c6f2ae2b4e3b5caf5a583f94d4eb9e95505c75be11fc528639c6e108f607d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e714c04bd8303c2cb34fb0e9004d63bb2b3def0e8d69995808b7043dcd5792ed
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec35218519989e415ada36f932815d10628420e6d7c0bf2ac06d0e29ff980cab
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed721a3c888082587ba404d93a3b7ef77547c78b1e87b8410bbd8d9576fc1505
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23c245ea5a38f63022aa074a4ccfe104df9a690d376460dc2562d63dde4b820
f3c86eb7cff4e7fac774fe3cc8c3b2f38938226991c2a1338f5d1b4fefbf7b64
f4beba437d39a47ef09fcffdc403a170792ffe77b3bd716a0538999895d17ba5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f89fd33e7fd7795621c2f0177221dbd60eba80b2760dbd7d0f67a954e0e37fc4
f970e18ee55b33261ce4e8b24076fab6be2df6238746cfab70b8169258666fdb
fc4a95d2cbc89a9c73fcf53e64d285c68d8fc4569f1f4742036b9cf9fabed23d
fc6f580810c33b1b5df1510b9d222429adb6d1f2ac5bf810a4c6ed7ead3cf061
fcb980cc482294d0f1928229f4fc4a4856efa5bee2c87fdd339bc2c59a81e71f
fce5168fa86077ca21a2e8c5d658b0abca8d19b1a46b2eb5beb76c3e79f9e142
fda9ef9d3fda898fc315283504eb0aeb8ada64df1bda7e2e11165f28f59c1fb6
fe19a0337cbb7bd0b7a2bbc41cae76c2df3b9b1e8942589b6652bdbc3ff12db0
ff1f876993a9e941440a6173852028b3432f19be1df5a2ebdbd7d6131a8b1604
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995