urlscan.io logo urlscan.io
SecurityTrails logo

promo-quemdisseberenice.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Submission: On May 13 via api from HU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 64 IPs in 8 countries across 40 domains to perform 480 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is promo-quemdisseberenice.com.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2024. Valid for: 3 months.
This is the only time promo-quemdisseberenice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
12 104.126.37.162 20940 (AKAMAI-ASN1)
3 130.211.29.114 396982 (GOOGLE-CL...)
1 15 2620:1ec:c11:... 8068 (MICROSOFT...)
4 151.101.64.84 54113 (FASTLY)
2 34.102.147.248 396982 (GOOGLE-CL...)
2 2a02:6ea0:c70... 60068 (CDN77 _)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
5 2620:1ec:46::45 8075 (MICROSOFT...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
10 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
12 2600:9000:249... 16509 (AMAZON-02)
14 2600:9000:249... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 13.32.27.72 16509 (AMAZON-02)
12 2606:4700::68... 13335 (CLOUDFLAR...)
16 142.250.184.194 15169 (GOOGLE)
37 188.114.97.3 13335 (CLOUDFLAR...)
2 2620:100:a00b... 19750 (AS-CRITEO)
3 2a02:2638:3::24 44788 (ASN-CRITE...)
14 16.12.0.84 16509 (AMAZON-02)
1 205.234.175.175 30081 (CACHENETW...)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 18.66.102.51 16509 (AMAZON-02)
2 13.32.27.21 16509 (AMAZON-02)
7 172.67.70.13 13335 (CLOUDFLAR...)
74 108.138.7.28 16509 (AMAZON-02)
1 3.95.83.9 14618 (AMAZON-AES)
1 2a02:2638:3::e 44788 (ASN-CRITE...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
3 52.95.165.80 16509 (AMAZON-02)
2 2600:9000:237... 16509 (AMAZON-02)
3 169.55.209.190 36351 (SOFTLAYER)
2 151.101.130.49 54113 (FASTLY)
3 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
6 142.250.184.198 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
6 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 142.250.74.206 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.98.67.3 396982 (GOOGLE-CL...)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
16 142.250.186.68 15169 (GOOGLE)
12 142.250.186.99 15169 (GOOGLE)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
1 6 185.184.10.30 203690 (RTB-HOUSE...)
3 172.217.18.14 15169 (GOOGLE)
3 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
3 177.153.231.53 27715 (Locaweb S...)
7 142.250.185.98 15169 (GOOGLE)
1 157.240.252.13 32934 (FACEBOOK)
41 151.101.129.91 54113 (FASTLY)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 3.234.179.32 14618 (AMAZON-AES)
15 151.101.1.91 54113 (FASTLY)
1 151.101.0.84 54113 (FASTLY)
1 3 68.219.88.97 8075 (MICROSOFT...)
3 18.229.209.188 16509 (AMAZON-02)
3 216.239.34.36 15169 (GOOGLE)
480 64
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
promo-quemdisseberenice.com
12    104.126.37.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-162.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
15    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
4    151.101.64.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
2    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
tag.rmp.rakuten.com
2    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
tags.creativecdn.com
4    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2a02:26f0:3500:888::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
10    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2600:9000:2490:6c00:b:757a:54c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
epocacosmeticos.vteximg.com.br
14    2600:9000:2490:ac00:9:a515:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
io.vtex.com.br
1    2600:9000:2490:1000:b:757a:54c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
vtex.vtexassets.com
1    13.32.27.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-72.fra56.r.cloudfront.net
activity-flow.vtex.com
12    2606:4700::6812:1baf (United States)

ASN13335 (CLOUDFLARENET, US)
static.trustvox.com.br
rate.trustvox.com.br
trustvox.com.br
16    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
37    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
chat-app.meudroz.com
promo-quemdisseberenice.com
2    2620:100:a00b::20 (United States)

ASN19750 (AS-CRITEO, US)
www.hlserve.com
3    2a02:2638:3::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
d.criteo.com
14    16.12.0.84 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com
s3-sa-east-1.amazonaws.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.richrelevance.com
2    2606:4700:4400::6812:2b44 (United States)

ASN13335 (CLOUDFLARENET, US)
recs.richrelevance.com
media.richrelevance.com
3    18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net
static.hotjar.com
2    13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net
script.hotjar.com
7    172.67.70.13 (United States)

ASN13335 (CLOUDFLARENET, US)
collect.vendavalida.com.br
74    108.138.7.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-28.fra56.r.cloudfront.net
epocacosmeticos.vteximg.com.br
1    3.95.83.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-83-9.compute-1.amazonaws.com
af-origin.vtex.com
1    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
4    2606:4700:20::681a:b69 (United States)

ASN13335 (CLOUDFLARENET, US)
i.btg360.com.br
3    52.95.165.80 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: s3-sa-east-1.amazonaws.com
s3.sa-east-1.amazonaws.com
2    2600:9000:237d:f600:f:5081:d8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.percycle.com
3    169.55.209.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.d1.37a9.ip4.static.sl-reverse.com
tracker.pensebig.com.br
2    151.101.130.49 (San Francisco, United States)

ASN54113 (FASTLY, US)
scontent.webcollage.net
syndi.webcollage.net
3    2a02:26f0:ab00::214:8e70 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.siteblindado.com
6    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
5454431.fls.doubleclick.net
10    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
td.doubleclick.net
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
20    142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
www.google-analytics.com
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
consent.linksynergy.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
16    142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net
www.google.com
12    142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net
www.google.nl
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
6    185.184.10.30 (Cyprus)

ASN203690 (RTB-HOUSE-ASH, CY)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
3    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f14.1e100.net
google.com
3    2a02:26f0:ab00::214:8e59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
seal.siteblindado.com
3    177.153.231.53 (Brazil)

ASN27715 (Locaweb Servicos de Internet SA, BR)
c.btg360.com.br
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
td.doubleclick.net
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
41    151.101.129.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
content.syndigo.com
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    3.234.179.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-179-32.compute-1.amazonaws.com
api-ads.percycle.com
15    151.101.1.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
event.syndigo.cloud
1    151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
3    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
3    18.229.209.188 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-229-209-188.sa-east-1.compute.amazonaws.com
standout.com.br
3    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
Apex Domain
Subdomains		 Transfer
86 vteximg.com.br
epocacosmeticos.vteximg.com.br
2 MB
41 syndigo.com
content.syndigo.com — Cisco Umbrella Rank: 8848
105 KB
40 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
5454431.fls.doubleclick.net
td.doubleclick.net — Cisco Umbrella Rank: 417
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
26 KB
26 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
www.google.com — Cisco Umbrella Rank: 2
google.com — Cisco Umbrella Rank: 1
2 KB
26 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
210 KB
25 promo-quemdisseberenice.com
promo-quemdisseberenice.com
143 KB
17 google.nl
www.google.nl — Cisco Umbrella Rank: 10834
2 KB
17 amazonaws.com
s3-sa-east-1.amazonaws.com
s3.sa-east-1.amazonaws.com
65 KB
16 meudroz.com
chat-app.meudroz.com
35 KB
15 syndigo.cloud
event.syndigo.cloud — Cisco Umbrella Rank: 10144
7 KB
15 bing.com
bat.bing.com — Cisco Umbrella Rank: 345
c.bing.com — Cisco Umbrella Rank: 231
17 KB
14 vtex.com.br
io.vtex.com.br — Cisco Umbrella Rank: 48446
93 KB
12 trustvox.com.br
static.trustvox.com.br — Cisco Umbrella Rank: 589066
rate.trustvox.com.br — Cisco Umbrella Rank: 487236
trustvox.com.br — Cisco Umbrella Rank: 321998
170 KB
12 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 712
285 KB
10 gstatic.com
fonts.gstatic.com
190 KB
10 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
712 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
4 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
c.clarity.ms — Cisco Umbrella Rank: 1385
31 KB
8 creativecdn.com
tags.creativecdn.com — Cisco Umbrella Rank: 6195
us.creativecdn.com — Cisco Umbrella Rank: 3108
4 KB
7 btg360.com.br
i.btg360.com.br — Cisco Umbrella Rank: 408212
c.btg360.com.br — Cisco Umbrella Rank: 415505
5 KB
7 vendavalida.com.br
collect.vendavalida.com.br — Cisco Umbrella Rank: 479501
8 KB
6 siteblindado.com
cdn.siteblindado.com — Cisco Umbrella Rank: 610829
seal.siteblindado.com — Cisco Umbrella Rank: 413213
3 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 742
script.hotjar.com — Cisco Umbrella Rank: 988
59 KB
5 criteo.com
d.criteo.com — Cisco Umbrella Rank: 13771
dynamic.criteo.com — Cisco Umbrella Rank: 3769
gum.criteo.com — Cisco Umbrella Rank: 444
387 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
94 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 902
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
534 B
4 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 911
22 KB
3 standout.com.br
standout.com.br — Cisco Umbrella Rank: 695320
1 KB
3 pensebig.com.br
tracker.pensebig.com.br
2 KB
3 percycle.com
static.percycle.com — Cisco Umbrella Rank: 786707
api-ads.percycle.com — Cisco Umbrella Rank: 759558
23 KB
3 richrelevance.com
cdn.richrelevance.com — Cisco Umbrella Rank: 92162
recs.richrelevance.com — Cisco Umbrella Rank: 17281
media.richrelevance.com — Cisco Umbrella Rank: 29534
21 KB
3 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 22544
8 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
731 B
2 webcollage.net
scontent.webcollage.net — Cisco Umbrella Rank: 15750
syndi.webcollage.net — Cisco Umbrella Rank: 18253
3 KB
2 hlserve.com
www.hlserve.com — Cisco Umbrella Rank: 11780
11 KB
2 vtex.com
activity-flow.vtex.com — Cisco Umbrella Rank: 56723
af-origin.vtex.com — Cisco Umbrella Rank: 49006
7 KB
2 rakuten.com
tag.rmp.rakuten.com — Cisco Umbrella Rank: 7849
14 KB
1 linksynergy.com
consent.linksynergy.com — Cisco Umbrella Rank: 32717
290 B
1 vtexassets.com
vtex.vtexassets.com — Cisco Umbrella Rank: 61988
3 KB
480 40
Domain Requested by
86 epocacosmeticos.vteximg.com.br promo-quemdisseberenice.com
epocacosmeticos.vteximg.com.br
41 content.syndigo.com syndi.webcollage.net
content.syndigo.com
25 promo-quemdisseberenice.com promo-quemdisseberenice.com
io.vtex.com.br
www.googletagmanager.com
24 www.google-analytics.com promo-quemdisseberenice.com
www.google-analytics.com
www.googletagmanager.com
17 www.google.nl promo-quemdisseberenice.com
17 td.doubleclick.net promo-quemdisseberenice.com
16 www.google.com promo-quemdisseberenice.com
16 chat-app.meudroz.com promo-quemdisseberenice.com
chat-app.meudroz.com
16 googleads.g.doubleclick.net promo-quemdisseberenice.com
15 event.syndigo.cloud promo-quemdisseberenice.com
14 s3-sa-east-1.amazonaws.com promo-quemdisseberenice.com
chat-app.meudroz.com
14 io.vtex.com.br promo-quemdisseberenice.com
14 bat.bing.com promo-quemdisseberenice.com
bat.bing.com
12 analytics.tiktok.com promo-quemdisseberenice.com
analytics.tiktok.com
10 fonts.gstatic.com fonts.googleapis.com
10 www.googletagmanager.com promo-quemdisseberenice.com
8 fonts.googleapis.com promo-quemdisseberenice.com
static.trustvox.com.br
chat-app.meudroz.com
7 region1.analytics.google.com www.googletagmanager.com
7 collect.vendavalida.com.br promo-quemdisseberenice.com
collect.vendavalida.com.br
6 us.creativecdn.com 1 redirects promo-quemdisseberenice.com
6 5454431.fls.doubleclick.net promo-quemdisseberenice.com
6 trustvox.com.br promo-quemdisseberenice.com
static.trustvox.com.br
5 www.clarity.ms promo-quemdisseberenice.com
bat.bing.com
5 connect.facebook.net promo-quemdisseberenice.com
connect.facebook.net
5 ct.pinterest.com promo-quemdisseberenice.com
s.pinimg.com
4 www.facebook.com promo-quemdisseberenice.com
4 i.btg360.com.br promo-quemdisseberenice.com
epocacosmeticos.vteximg.com.br
www.googletagmanager.com
4 static.trustvox.com.br promo-quemdisseberenice.com
static.trustvox.com.br
4 s.pinimg.com promo-quemdisseberenice.com
www.googletagmanager.com
s.pinimg.com
3 standout.com.br s3-sa-east-1.amazonaws.com
3 c.clarity.ms 1 redirects
3 c.btg360.com.br promo-quemdisseberenice.com
3 seal.siteblindado.com cdn.siteblindado.com
3 google.com www.googletagmanager.com
3 cdn.siteblindado.com promo-quemdisseberenice.com
www.googletagmanager.com
3 tracker.pensebig.com.br promo-quemdisseberenice.com
3 s3.sa-east-1.amazonaws.com promo-quemdisseberenice.com
3 static.hotjar.com promo-quemdisseberenice.com
3 d.criteo.com promo-quemdisseberenice.com
dynamic.criteo.com
3 cdn.perfdrive.com promo-quemdisseberenice.com
2 static.criteo.net dynamic.criteo.com
2 region1.google-analytics.com www.googletagmanager.com
2 static.percycle.com promo-quemdisseberenice.com
www.googletagmanager.com
2 script.hotjar.com promo-quemdisseberenice.com
2 rate.trustvox.com.br promo-quemdisseberenice.com
2 www.hlserve.com promo-quemdisseberenice.com
2 tags.creativecdn.com promo-quemdisseberenice.com
www.googletagmanager.com
2 tag.rmp.rakuten.com promo-quemdisseberenice.com
www.googletagmanager.com
1 c.bing.com 1 redirects
1 api-ads.percycle.com static.percycle.com
1 syndi.webcollage.net scontent.webcollage.net
1 gum.criteo.com dynamic.criteo.com
1 consent.linksynergy.com promo-quemdisseberenice.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 scontent.webcollage.net promo-quemdisseberenice.com
1 dynamic.criteo.com promo-quemdisseberenice.com
1 af-origin.vtex.com activity-flow.vtex.com
1 media.richrelevance.com promo-quemdisseberenice.com
1 recs.richrelevance.com promo-quemdisseberenice.com
1 cdn.richrelevance.com promo-quemdisseberenice.com
1 activity-flow.vtex.com promo-quemdisseberenice.com
1 vtex.vtexassets.com promo-quemdisseberenice.com
480 62

This site contains links to these domains. Also see Links.

Domain
www.epocacosmeticos.com.br
Subject Issuer Validity Valid
promo-quemdisseberenice.com
GTS CA 1P5		 2024-05-10 -
2024-08-08		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2023-09-21 -
2024-09-26		 a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02		 2024-05-01 -
2024-06-27		 2 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
tag.rmp.rakuten.com
GTS CA 1D4		 2024-03-31 -
2024-06-29		 3 months crt.sh
1589314308.rsc.cdn77.org
R3		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-21 -
2024-05-21		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.vtexassets.com
Amazon RSA 2048 M03		 2024-03-12 -
2025-04-09		 a year crt.sh
*.vtex.com.br
Amazon RSA 2048 M02		 2023-07-05 -
2024-08-02		 a year crt.sh
*.vtex.com
Amazon RSA 2048 M03		 2023-10-03 -
2024-10-31		 a year crt.sh
trustvox.com.br
E1		 2024-04-15 -
2024-07-14		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
meudroz.com
E1		 2024-04-06 -
2024-07-05		 3 months crt.sh
*.hlserve.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-05 -
2024-07-01		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-15 -
2024-07-10		 3 months crt.sh
*.s3-sa-east-1.amazonaws.com
Amazon RSA 2048 M01		 2024-04-12 -
2025-03-30		 a year crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2023-11-13 -
2024-12-14		 a year crt.sh
*.richrelevance.com
Go Daddy Secure Certificate Authority - G2		 2023-10-25 -
2024-11-25		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
vendavalida.com.br
E1		 2024-03-29 -
2024-06-27		 3 months crt.sh
media.richrelevance.com
E1		 2024-04-25 -
2024-07-24		 3 months crt.sh
btg360.com.br
GTS CA 1P5		 2024-04-04 -
2024-07-03		 3 months crt.sh
percycle.com
Amazon RSA 2048 M01		 2023-09-05 -
2024-10-03		 a year crt.sh
*.pensebig.com.br
Thawte TLS RSA CA G1		 2024-02-02 -
2025-03-04		 a year crt.sh
*.webcollage.net
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
b2wdigital.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-15 -
2025-01-14		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
consent.linksynergy.com
GTS CA 1D4		 2024-04-10 -
2024-07-09		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-25 -
2024-07-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2024-04-05 -
2025-04-30		 a year crt.sh
*.btg360.com.br
AlphaSSL CA - SHA256 - G4		 2023-05-18 -
2024-06-18		 a year crt.sh
*.syndigo.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
*.ads.linximpulse.net
Amazon RSA 2048 M02		 2023-11-04 -
2024-12-02		 a year crt.sh
*.syndigo.cloud
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
standout.com.br
Amazon RSA 2048 M03		 2023-09-22 -
2024-10-20		 a year crt.sh
c.msn.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-02-27 -
2025-02-21		 a year crt.sh

This page contains 29 frames:

Primary Page: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Frame ID: 11E361E0AFAFE0B4567E07A09032577B
Requests: 460 HTTP requests in this frame

Frame: https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%203463544360623.847%20'
Frame ID: D4B838360D20789F189ABAFB200A4A4C
Requests: 1 HTTP requests in this frame

Frame: https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%208068891657779.891%20'
Frame ID: 2CCD4CC56CD3A81B95B7CD8B2F626DE8
Requests: 1 HTTP requests in this frame

Frame: https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%206067706164168.442%20'
Frame ID: 3CBD0D5699C342B3051DC4EEF0CDF0A1
Requests: 1 HTTP requests in this frame

Frame: https://i.btg360.com.br/_bifr.htm?rand=1715619434910&rand2=0.4391764881646678
Frame ID: 3976B7DD9641967608A80435D32EA7A1
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-G20C9N71BZ&gacid=956626974.1715315959&gtm=45je4580v877287869z8850186639za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=88995449
Frame ID: E4D483806D3EB2454097D548FF613D83
Requests: 1 HTTP requests in this frame

Frame: https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%201676830933777.671%20'
Frame ID: EA749EB52E6956E3716BA0960C3019F7
Requests: 1 HTTP requests in this frame

Frame: https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%20810831801212.1462%20'
Frame ID: F25B4E8059BFC8BC0E79DF7E410EDDB9
Requests: 1 HTTP requests in this frame

Frame: https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%204342241185821.2827%20'
Frame ID: 7EFE05B03014645E2BB21AC635870AF0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=promo-quemdisseberenice.com&origin=onetag
Frame ID: 0ECAEB902236CF8E81B1745F61221A67
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715410880110&cv=11&fst=1715410880110&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 8E2316D44FA145B2927C30E07BE9B894
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715372382381&cv=11&fst=1715372382381&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 46D8D477CBBD3E313D9C4B0EFF11D6FE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715410880254&cv=11&fst=1715410880254&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: B20C57F1938E92869759BBACC1A3CD93
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715372383782&cv=11&fst=1715372383782&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 4369C8C95454C85A2D89DFE9E868F3B0
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715372383897&cv=11&fst=1715372383897&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Frame ID: 0763531A4D98A1EEA184F9F744F137B6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715372383947&cv=11&fst=1715372383947&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Frame ID: 78344377E5902D21DC3A058024319DF8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715410880506&cv=11&fst=1715410880506&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 68A55C52DB88D104719331F2E658F6F3
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715410880565&cv=11&fst=1715410880565&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail
Frame ID: BAF28B684878F7D7C41B41603F2F27B6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715410880616&cv=11&fst=1715410880616&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail
Frame ID: D09DE025A7E1C59CF61BE58EB7E66855
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/ig-membership?ntk=TIT-D_riVatJ57hIBScFMp7hEsKrPb-_yw3MZjG9f9MCbmtmH9e7Jsp8v3EGZFv6w_ETzqTQobrNNItni3iq_4aYh9jMfi2MjLcEB2yFnWk
Frame ID: C3E3586642F8CBBA9C72593A6CDA9F95
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/topics-membership?ntk=ERVpUFX2Mgf1uFCxWMkzdAcx5AwbsUu7shZdcHKetJD6hTeRZ6IB0NCyJkkYLoq642BLQN9k9xEDT670QVa-IO11CkboPqGq9hRUrQke1s0
Frame ID: C5C62831D591199BB91C6B67F47F5E61
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715372392807&cv=11&fst=1715372392807&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Frame ID: 399D288843562DBF7CA79928CC00765C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715372392844&cv=11&fst=1715372392844&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Frame ID: C3040EEDDBD72286FD9D363DA8DD3C4F
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715372395912&cv=11&fst=1715372395912&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Frame ID: F0AD47EC4EC57206EC3AA98EC47E2728
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715372395950&cv=11&fst=1715372395950&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Frame ID: 25F611059BB416B968715D5A3F98476E
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715410881527&cv=11&fst=1715410881527&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: FC04F570B82B8F709BBCD2122125E4F9
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/601624232?random=1715410881556&cv=11&fst=1715410881556&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Frame ID: 6BE0FA5A7AFB35B1AB68A4968581888D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/976458679?random=1715410881602&cv=11&fst=1715410881602&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Frame ID: 3985F917E805418F96F96DD90AFE68A7
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: EEAD222FD64EA86030EA3ADF27DD3565
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Kit Maybelline Colossal Age Rewind Matte Ink – Máscara de Cílios + Corretivo + Batom - Época Cosméticos

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • tag\.rmp\.rakuten\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

480
Requests

99 %
HTTPS

46 %
IPv6

40
Domains

62
Subdomains

64
IPs

8
Countries

4644 kB
Transfer

16724 kB
Size

43
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 363
  • https://us.creativecdn.com/tags/v2?type=json HTTP 307
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
Request Chain 422
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7507EE6988D04B719C38DFF8D2A3A7C7&RedC=c.clarity.ms&MXFR=1C39368A95FF65082D2622F491FF6B02 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7507EE6988D04B719C38DFF8D2A3A7C7&MUID=22A32BE7B4D96AFF1A583F99B5B56BFF

480 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
promo-quemdisseberenice.com/quiz-maybe/premio/ 		742 KB
89 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ed4db546de69c178a0adfff905ee2d2a33b9eb62ab0976e4d71eab9a402dc4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88342fb2c9729fed-AMS
content-encoding
br
content-type
text/html
date
Mon, 13 May 2024 16:57:13 GMT
last-modified
Sat, 11 May 2024 07:08:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jbokLnKyJuUvThZPW64qmpE8EAKijilraJw57n8wvwDKK6Klc3U%2FMmanXeOLxAwv8Jb49TxfvToVbj0qeCoG66ALNvCr816laGa7y2NvViHTP0STjy9DqpA%2Bg35blLV06kHM3a0e%2FUksVTuehGuyjKjfJSyr6WuyMaA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
main.MWNkMWZjOGNjNQ.js
analytics.tiktok.com/i18n/pixel/static/ 		467 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjNQ.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a7495d58f7dc65e47f5dd0a1c44d3dd7e7ad8637880954d0cb968a8449f6df03

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
aaf31879
date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240509122015EE5CBF262F554FCE8C60
x-tt-trace-id
00-240509122015EE5CBF262F554FCE8C60-6895D1CCE5BE2A76-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0177d03d61c534b10f9b4053ba55d8f8ebedeea0129482ed152cb46b005b3e43b0614e9fd0d829069f87540c10634055febf801ad9227cd73d13730d4344e2f0f1778cf04c9ebab88aae1560615c484d75fb455c53985bfec6a3f66077a6d676f3
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
content-length
122971
aperture.js
cdn.perfdrive.com/aperture/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:13:04 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 13 May 2024 04:56:42 GMT
server
nginx/1.10.1
age
2649
etag
W/"66419d8a-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3VI4K9U9OSLU1GC5NK0&lib=ttq
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7fe9747710de09ff867a64597bc465dcce18909fa3d5e7ee8925a6f42243303c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
2a49aa1a.aaf3261f
date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2405131657149BEA3DE459A30AAFB612-13CFCE6705B7F19E-00
x-cache
TCP_MISS from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
101,104.126.37.158
server-timing
cdn-cache; desc=MISS, edge; dur=97, origin; dur=8, inner; dur=3
content-length
1980
pragma
no-cache
server
nginx
x-tt-logid
202405131657149BEA3DE459A30AAFB612
x-cache-remote
TCP_MISS from a23-48-200-10.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.48.200.10
x-tt-trace-host
01e623bd4a1a6771e371d4afb544e9cc0b4525732b068c3e63166adabc622bbc0b6144101862282fdd204f9062541444553fa0018b218158804be57842eff1c61e4adfaffe198d29d70d8d7d82f608910fb4df3e3dd436e677aa09c3a4bec6ad665db5a2469429ea71547eeb6ab03aa789
expires
Mon, 13 May 2024 16:57:14 GMT
bat.js
bat.bing.com/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 13 May 2024 16:57:14 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2EA9FB591FA046FDB636026A1ABC80AC Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:14Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
x-cdn
fastly
age
4574
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
126194.ct.js
tag.rmp.rakuten.com/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/126194.ct.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
6e182aa05ac5c63b1b4af578c441b688e61900898a593c80cc2a587a4c0ab3ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
last-modified
Mon, 13 May 2024 16:57:14 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
MdhW45gp5T3Lc9HKO0hl.js
tags.creativecdn.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.creativecdn.com/MdhW45gp5T3Lc9HKO0hl.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqeweNEBtJ9ULRbi2payp1yatQXPdg899-5bgb1StJRe-mw-Q1pz40PFQZgZSvE_x_BG0Mr-wXX
x-77-cache
HIT
x-cache
HIT
x-goog-storage-class
STANDARD
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
x-age
177
x-accel-date
1715619257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt
EgwBw7WqEQH3sQAAAAwBJRPCNAH3tQ0AAA
x-accel-expires
@1715622597
x-77-age
177
last-modified
Tue, 20 Sep 2022 08:47:43 GMT
server
CDN77-Turbo
etag
W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray
4c1562249357729a6a464266156a3a34
vary
Accept-Encoding, Accept-Encoding
x-goog-generation
1663663663138166
content-type
application/javascript
x-goog-hash
crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control
public, max-age=3600
warning
214 UploadServer gunzipped
x-goog-stored-content-length
1741
expires
Sun, 05 May 2024 18:19:54 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 May 2024 16:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2965
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 13 May 2024 18:07:49 GMT
269861466524501
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/269861466524501?v=2.9.156&r=stable&domain=ofertas-maybelyne.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
89a94ebeba29a6eaa70ef306c35089141dd69c16b509e08420c0c3898577a1be
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 16:57:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=62, mss=1294, tbw=75464, tp=-1, tpl=-1, uplat=92, ullat=0
pragma
public
x-fb-debug
EQmmk0hhOm6+yKFSYbfsYcsHhjObH63qq3bqkZYyF4/6eS3p2p/5xsanbvdvscEwLlqOJJkXkpaf9dv9+ZPykw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 16:57:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1294, tbw=2822, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
1ZPg5NNZz1LZLSmAM5jhxZ6ud5dY6jKJOXppQbM8ObGFX+p+welL+AxtUoLj0WkPtsFBLsdi92gp8aT3tJZNVQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
5061910
www.clarity.ms/tag/uet/ 		844 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5061910
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
96bc15f860c2155f5a9ecb304eb30c615a25269430cf6ca9b51f5e6b5df43846

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires
-1
date
Mon, 13 May 2024 16:57:15 GMT
x-azure-ref
20240513T165714Z-1577bc5fdd5dxrn64qwqfptkdc000000040000000000hhcy
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
844
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
main.2bdc3040.js
s.pinimg.com/ct/lib/ 		69 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:888::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
br
x-cdn
akamai
etag
"12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
19942
core.js
s.pinimg.com/ct/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:888::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
br
x-cdn
akamai
etag
"c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1881
js
www.google-analytics.com/gtm/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WTFPLQG&cid=956626974.1715315959
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7c54ee8d2c14ad1bc1c5ea49a194ac04e792bb01bdc1666b582c6e4277a05402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64374
x-xss-protection
0
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 16:57:14 GMT
gtm.js
www.googletagmanager.com/ 		594 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4464256c7b5ce8de298a2ad4278d31a097c3de17f580c416888d27bd044ad5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163687
x-xss-protection
0
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 16:57:14 GMT
269861466524501
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/269861466524501?v=2.9.156&r=stable&domain=www.epocacosmeticos.com.br&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
89a94ebeba29a6eaa70ef306c35089141dd69c16b509e08420c0c3898577a1be
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 16:57:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11847
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=62, mss=1294, tbw=63347, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
CEQ7fzwrdk9BktPfkBcBWfKwdpcv2Eq0OHwYTglUCxmRGDK+qhTtUDyl13kn3FHLWCArMPsHHOtQj5tP59PPxg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.32/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.32/clarity.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
last-modified
Fri, 10 May 2024 17:30:20 GMT
etag
W/"0x8DC7116DE09E645"
vary
Accept-Encoding
x-azure-ref
20240513T165714Z-1577bc5fdd5dxrn64qwqfptkdc000000040000000000hhcx
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0e71d7ff-501e-0064-7559-a4df43000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
js
www.google-analytics.com/gtm/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WTFPLQG&cid=1594602282.1714267076&gclid=Cj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
993d06a950182f02b33c197ceee893ff76a8ef41c0df53c5e223bb431a3a969f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64372
x-xss-protection
0
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 16:57:14 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B0521B3853&l=dataLayer&cx=c
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d17a8d92c8e4ca53073cd0a19542db9571693e2ba42b395f0abbe6a30bb29ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102915
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 16:57:14 GMT
js
www.googletagmanager.com/gtag/ 		317 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f670c341f2a69604d471a70d5821bbb3174bba31a2a7021a31e32e1f7d11eef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104751
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 16:57:14 GMT
gtm.js
www.googletagmanager.com/ 		247 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNB7MKV&l=dataLayer
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
867686bfe96a6845ada76e805e98d9a6819df3f0ca58a2f0ba583d87ac15b16f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80167
x-xss-protection
0
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 16:57:14 GMT
css
fonts.googleapis.com/ 		11 KB
876 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7bed7288ddace927bca419777d5eb9483b1620ee6b87afbfae6c62e112d15ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:13 GMT
lightslider_pdp.min.css
epocacosmeticos.vteximg.com.br/arquivos/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/lightslider_pdp.min.css?v=202102031005
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f64c34c7206517e031701d5fa6ec49a7222145edd41bdf0694faa8c8da1bd118
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 09:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache10
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 08 Dec 2022 20:47:26 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
age
286552
alt-svc
h3=":443"; ma=86400
content-length
1356
x-vtex-cache-time
0.001
last-modified
Tue, 02 Feb 2021 20:37:54 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
NSEKEEC-RhSyinRqkzfVBn8Dl_ul93bHAKoN6133HZO0eTtknsssZw==
product-v2-mobile.min.css
epocacosmeticos.vteximg.com.br/arquivos/ 		2 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b1097b726e87948e49917b94555c54d63f06f203cd507bc302bc85f03924bea4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 04:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache11
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Tue, 23 Apr 2024 03:37:44 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
age
303876
alt-svc
h3=":443"; ma=86400
x-vtex-cache-time
0.002
last-modified
Tue, 23 Apr 2024 02:44:48 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
w4YBruUGx7UmDXXARbA61vHD0JVNXEkGdQnHiaR2AdcUIDA2MHJHTw==
modernizr.js
epocacosmeticos.vteximg.com.br/arquivos/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/modernizr.js?v=2019040301
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d56ea6558bd02f4c4ff745f79892889161595eb9c7c1e53b686c470fb1ee03fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 11:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache15
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 01 Jun 2022 10:29:22 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
age
21550
alt-svc
h3=":443"; ma=86400
content-length
4529
x-vtex-cache-time
0.000
last-modified
Fri, 10 Jan 2020 14:03:41 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
3Rcw3jFBajknrlbywtn7z8YJjUwkM4QeNLtOuFSgv0-eL70VWXuq5g==
identify_93546.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_93546.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
aaf31867
date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240508162128A7935037EF47876CAA1E
x-tt-trace-id
00-240508162128A7935037EF47876CAA1E-248153F902C85EBA-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d63fdf8755a6439346cdde42912ed98be3a5cc992bb38cdc9a48682e50bb90057c9712f050b3997894cd82c4f839b3637f0e8ac03b9d53e89e49541d86e3daf20a79e9d3ac9c96352fc423f55dd5b18e13d8653d8c374963f99588c84c2d634c
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=12
content-length
37062
jquery-1.8.3.min.js
io.vtex.com.br/front-libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
2R5xGh4XuOe9eucEzijEZ9GgQDAC5HyV
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Sat, 11 May 2024 13:40:47 GMT
last-modified
Tue, 31 Aug 2021 13:04:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
232267
etag
W/"3576a6e73c9dccdbbc4a2cf8ff544ad7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
rFKuLnO4QphGdjazY4LyAwqvWokggAovTwvxjQRiZXBKC7b4a9f_QQ==
swfobject.js
epocacosmeticos.vteximg.com.br/scripts/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/swfobject.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18ed473eb7c0d41a81375280fe371d8f4d7efdfbc04bbe03b2a64fc634ae217f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 03:59:35 GMT
content-encoding
gzip
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
474489
etag
W/"33cca7aead105276606536984f503d00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Z_8rHbsWuQT8f_6pp7B78TzjlUOZJSgRiWFOO4FRDPTaETEg7ISRiw==
vtex.ajax.wait.js
epocacosmeticos.vteximg.com.br/scripts/ 		595 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.ajax.wait.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7323a80eb541350a4de095bb70dee036402b035f427b8d20d6d5ab9e307afe4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 04:24:37 GMT
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
445967
etag
"12a2504c83c60c899a9b9223fcd2aa60"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
595
x-amz-cf-id
xbiFmsniycp43mpiTlTPShBGf8bL2wbDHI905lucmPTCa5wXSwTinQ==
vtex.common.js
epocacosmeticos.vteximg.com.br/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.common.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ab9a6b82121345688f603431961d7db11ab9066b1e62726034ec86725171514

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 12 May 2024 11:51:05 GMT
content-encoding
br
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
567050
etag
W/"05597b0232c5dcf965edbbc73916008d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
-zCeLrWoJTJ_Q852OQ8E-99pYw60etzq_XYyCaqSTM2repmeyhFh1Q==
render-extension-loader.js
vtex.vtexassets.com/_v/public/assets/v1/npm/@vtex/render-extension-loader@0.1.6/lib/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vtex.vtexassets.com/_v/public/assets/v1/npm/@vtex/render-extension-loader@0.1.6/lib/render-extension-loader.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0afe16b78ff1969bbd5a2fa0e70a610d223a699987f79a1d639f848277c4f6e1

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 11 Mar 2024 15:18:25 GMT
content-encoding
gzip
x-vtex-cache-server
apicache31
via
1.1 e96aebc8d7c9ec82b88c3160a18fed96.cloudfront.net (CloudFront)
x-router-cache
MISS
x-amz-cf-pop
FRA56-P6
age
5449128
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
io-production-vstore-group-1-1c-m0u
x-vtex-router-version
0.0.0-dev
alt-svc
h3=":443"; ma=86400
content-length
1878
x-vtex-cache-time
0.000
x-vtex-backend-elapsed-time
00:00:00.0026020
x-request-id
ec1ffc876e43491a91ac10f4b102deff
x-vtex-cache-status
HIT
x-vtex-router-elapsed-time
00:00:00.0033287
vary
Accept-Encoding
x-vtex-io-cluster-id
prod-dj-iostore-eks-use1c-m0u
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-powered-by-vtex-cache
2.3.2
x-amz-cf-id
gpMESztCXiD2zEBSUhz9J7aIx7QGTSxDzPLzCouhHG7Ae7gOdVhY-g==
rc.js
io.vtex.com.br/rc/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/rc/rc.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e164eaf995e6852a4cb7916b41098e84313d17f4f184605b7b8569627628804

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
ZOExsqQXqdnMhVJiVaeJSnCuQY1YRM1Z
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Thu, 09 May 2024 03:54:33 GMT
x-amz-cf-pop
FRA56-P6
age
394220
x-amz-server-side-encryption
AES256
x-amz-meta-version
v2.0.20
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Feb 2024 20:23:50 GMT
server
AmazonS3
etag
W/"b4f2d089212b2bfd2764e6683d5715e0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900,public
x-amz-cf-id
wq3DTYWlkVOLaUA_MvJccG9N8B_CDykvz5w2xyCEbGuaS0TKT_MbqA==
af.js
activity-flow.vtex.com/af/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://activity-flow.vtex.com/af/af.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
677d4f362b57d6089bfd673331c2840da6096c0246468fa19d07a7ca4adc2d6d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 07:49:54 GMT
content-encoding
br
via
1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
last-modified
Thu, 09 May 2024 18:08:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
32840
x-amz-server-side-encryption
AES256
etag
W/"0cfd9db5899c1c947660018cae907f9e"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
3Mw7detz3dojghOuq6YBylqtVvI09nTbL4jO_wVgeZRKwgGdaw4I5A==
vtex.tagmanager.helper.js
epocacosmeticos.vteximg.com.br/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.tagmanager.helper.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
73c5ed5cae04a969aa48084c9601a485ad01d2adddd14b53e0e1d11857b2be82

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sat, 11 May 2024 04:16:37 GMT
content-encoding
gzip
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
219607
etag
W/"b6ddd63073745e26284c540e09d90bea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tOwHrsFqz2_C_E_pgBSugq75Uje5QE8mjOaySOfutQhY2YwLpN5HrA==
vtex-events-all.min.js
io.vtex.com.br/portal-ui/v1.20.1/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/portal-ui/v1.20.1/scripts/vtex-events-all.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72848d5a425ef1adb3ffed381ca76d429b75a9c0429dc47d6e9e330f802f0273

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
2H5.J8VPCLWBeSJ3ogRMfUfUHhnLu3c_
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Mon, 13 May 2024 07:30:02 GMT
last-modified
Tue, 30 Jan 2024 20:26:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
48147
x-amz-server-side-encryption
AES256
etag
W/"3d80d07cf132b691f364ceb192595d30"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
M_64K4Q-01QFdcBZmwyK6eivTS0qXMGZSL-JYPVhYp0n42IItHjDNQ==
vtex-analytics.js
io.vtex.com.br/portal-ui/v1.20.1/scripts/ 		993 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/portal-ui/v1.20.1/scripts/vtex-analytics.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e66c8d10e33a27e6e38bf2f88e33038acad2622134ce15f00c748f0c2f2d3c0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
i538qwpUWLUs9PeUZhZ2E3BNUkKbW15U
date
Sat, 11 May 2024 17:48:24 GMT
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
524076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
993
last-modified
Tue, 30 Jan 2024 20:26:29 GMT
server
AmazonS3
etag
"8dbe427161e7a009baa0eba004defae2"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
2sJvVl0Ia4akB2CKEcQrhbNPFJ7dHo05ovBaWbmLLcmlB_JrLsAqig==
vtex-i18n.min.js
io.vtex.com.br/front-libs/front-i18n/0.7.2/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/front-libs/front-i18n/0.7.2/vtex-i18n.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83ff2a7b06166aef1eeda774db548c4bd895ed3fd6b0231d66979879d4d39ce0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Sun, 12 May 2024 00:34:24 GMT
last-modified
Tue, 27 Nov 2018 15:03:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
593894
etag
W/"b06cf9c41e2c763e38e5373b739e77fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
i8vWv8hVn4y0pP0wk6_z5p_K3X2LxejKR_MQG0GLdRv0_Q89pAqzqA==
underscore-extensions.js
io.vtex.com.br/front-libs/front-utils/3.0.8/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/front-libs/front-utils/3.0.8/underscore-extensions.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a580fecb74da8a21116a789598a3d144a5a94a41f0394bbb2e33751c07a2b8cf

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Sat, 11 May 2024 06:45:36 GMT
last-modified
Thu, 02 Aug 2018 20:49:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
221254
etag
W/"8caa2c4225adfb5a2a221bfd4a0ef288"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
NVA1q4tIir9kaKgdQVQw5dkR9XQ0aL_gQfU2al8cDu_lnygFaXPB7Q==
currency-format.min.js
epocacosmeticos.vteximg.com.br/scripts/ 		696 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/currency-format.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
76d9304962edf525b5a89151443b702461c6b7451bb3b84fe3ef0c3c9aa34b99

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 12 May 2024 05:50:19 GMT
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
559722
etag
"33db0d1db29183d0659d695b275d7dd4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=345600, s-maxage=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
696
x-amz-cf-id
R_KrBcngFtF85qwZkVq1waABuKRLbmm1hHaLdhR5L6L65R97FHKnyg==
dust-core-2.3.5.min.js
io.vtex.com.br/front-libs/dustjs-linkedin/2.3.5/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/front-libs/dustjs-linkedin/2.3.5/dust-core-2.3.5.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
98e14bdb80a83e6a1e34da361394ab517974de696f5b765074b3a690252919b9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Tue, 07 May 2024 03:53:36 GMT
last-modified
Fri, 05 Sep 2014 15:17:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
568683
etag
W/"742b98d5d7848fe1706fd7ccafbd57f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
5XI4d4_QXT_dnH9ECDxTuICb8bT0cWZ6dQpVna8P3nNf5DQokDCOFA==
catalog-sdk.min.js
io.vtex.com.br/portal-plugins/2.9.13/js/ 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/portal-plugins/2.9.13/js/catalog-sdk.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a5ffabdd8f96cce941b0cdc7ea94fd2153f9d2386e9ee0cac211046bf8ecbba

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 06 May 2024 20:52:19 GMT
x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 30 Apr 2015 12:09:27 GMT
server
AmazonS3
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"3ef77f782074424261aaf8ebc746e36f"
age
590695
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
TUtPlu5mSgvMHlYQP_ATv7K3CeFpb3j3fVnVj44RmWEXuu-rN1RNXA==
vtex.min.js
io.vtex.com.br/vtex.js/v2.13.0/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/vtex.js/v2.13.0/vtex.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3032b429f2f5ec2468b7e75ac78fe32d3ea2cc39018bbffdb5e05dc5284046f1

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Fri, 10 May 2024 21:23:20 GMT
x-amz-version-id
sZ9E3hU0UL7sMwamxpLVlr8jMUtxLRQT
content-encoding
gzip
last-modified
Thu, 16 Sep 2021 19:53:01 GMT
server
AmazonS3
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"88576933b0046190e6928e274fd2c511"
age
243234
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
IymQ0bXrtNRZkiKj5mNHWSvT7Zy4NwYn5N2evqLz_lxgb9A_ahj8yw==
vtexid-jquery.min.js
io.vtex.com.br/vtex-id-ui/3.27.1/ 		96 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/vtex-id-ui/3.27.1/vtexid-jquery.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48155980a7148c48f567067ade847c18310545c2c0bf13fd215a6a8f1384ee98

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
8aMaI_JEVMCGYIECRKl0CIIdOhYJy0h6
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Sat, 11 May 2024 04:05:16 GMT
x-amz-cf-pop
FRA56-P6
age
226419
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 16 Feb 2024 21:40:16 GMT
server
AmazonS3
etag
W/"cd25ac294fa49afe9b60f3651f18be0e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600,public
x-amz-cf-id
93WGLLi7JYZsAqlpJrnh4OUncpX9ehNETouYLYjs8ZKpIAE0EFtgpA==
portal-price-with-template2.min.js
io.vtex.com.br/portal-plugins/2.9.13/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/portal-plugins/2.9.13/js/portal-price-with-template2.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e371379d3152d61ee42b6a26be5b8aa51c0bbfff86e200b28dc1266ebc7aec17

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Sun, 12 May 2024 13:03:04 GMT
last-modified
Thu, 05 Mar 2020 22:29:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
100456
etag
W/"1f41bc6f9dc9ed216e341953c8657d19"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
7guHjOe4_ByhDX6iPyo8u9aq3zeeRLtZ7_F-WtZQKSUGeZRvtvF7YQ==
portal-sku-selector-with-template.min.js
io.vtex.com.br/portal-plugins/2.9.13/js/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/portal-plugins/2.9.13/js/portal-sku-selector-with-template.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b05db9e626d0640fcc27eb3dfc650e4e092bae18bd27aff3beb85568756f54a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 08:28:13 GMT
last-modified
Thu, 30 Apr 2015 12:09:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
462543
etag
W/"21211d5f4e92004a9c7ca8e072039b3a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
mK-sVz7RcFUSM45i8kjHz-mgfDoynh8dKMUx6yFXwJT9q_w9xex8sQ==
portal-buy-button.min.js
io.vtex.com.br/portal-plugins/2.9.13/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/portal-plugins/2.9.13/js/portal-buy-button.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b214f3de84be1702ac85e79a5f49b092b711d89b34997ba11046ef9c8ea461a4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Sun, 12 May 2024 10:03:15 GMT
last-modified
Thu, 30 Apr 2015 12:09:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
111243
etag
W/"6d7de0f6371cd3285730c9d50538f8cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KM0V2Dz-lpy5aoBhO1uqVjnZFg04EUzOXI3zS7INGaXnUQld1Gc1wA==
portal-notify-me-with-template.min.js
io.vtex.com.br/portal-plugins/2.9.13/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.vtex.com.br/portal-plugins/2.9.13/js/portal-notify-me-with-template.min.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:ac00:9:a515:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a530bc5f4e6b06737261b8a4d29f8819d58b83b44f1d99ce0155157d5d02b969

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 61c90c70feca5f532bf48bc0dc85d516.cloudfront.net (CloudFront)
date
Fri, 10 May 2024 10:00:59 GMT
last-modified
Thu, 30 Apr 2015 12:09:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
399703
etag
W/"081a5be94ac1a2d26aca79e9afaf9542"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jj6S0lbSfF4bj8_88Lt3w_QfXG75cwXIFIssAKI7bBzIlobyMgigGA==
trustvox-selo.css
promo-quemdisseberenice.com/arquivos/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/arquivos/trustvox-selo.css?v=123
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvoERxExnmDccpQBTy454%2BXw04QVjoHKTfXdd7d1pTnurbk88ferJ68tr70hSMtPb8LhMATvq5M0nIf9zxSDkyz7l8iBXws4q3g%2B1%2FjCestb8BlNGyHy7esShhdowWlw%2FyouzVMmyl6qd%2BKpBEv0HcAyrWmVgM2HKL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
88342fb58d9f9fed-AMS
alt-svc
h3=":443"; ma=86400
sincero.js
static.trustvox.com.br/sincero/ 		486 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.trustvox.com.br/sincero/sincero.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87eab8ffcd1c1675636ed79cbb05c422936943e8a0d203f4429e87b873939485

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3347
x-guploader-uploadid
ABPtcPqeT--Rcy0WHCscOOE_9JGLjTC4OHAO90fDgcH5uJ-FUqJYTxqy7gX1cqgNT6rsaN5AVuQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
148620
last-modified
Mon, 22 Apr 2024 17:30:29 GMT
server
cloudflare
etag
"fcb9897c5fc806b1c817ca35fc5d0db5"
vary
Accept-Encoding
x-goog-generation
1713807029551303
content-type
application/javascript; charset=utf-8
x-goog-hash
crc32c=9td4Pg==, md5=/LmJfF/IBrHIF8o1/F0NtQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
148620
accept-ranges
bytes
cf-ray
88342fbc8e496702-AMS
expires
Mon, 13 May 2024 20:57:14 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B0521B3853
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a1bd61243b393e02df0a00de1401f52201f8e39be590b7b46b40dea50076bd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102863
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 16:57:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715372382381&cv=11&fst=1715372382381&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2d9b1768206a1bb847cf461f8f47dec144022f49ef5e4d32a6fd9693a037a6c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1706
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
droz.js
chat-app.meudroz.com/v1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=547064
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"9936-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dy3ijJwLAUwZ7%2FSst8E4vREe2efaPrbGahrLobPf%2BtXXTW77BgXghKz9tpdvGoMYmWerDGSe3L9thFWB0STEhUsvLhq%2FyXgDO97q7%2BlUeewGsmp9iG%2FH8K%2FQRTDfsO6nwbm69xY5qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fbb5ca66643-AMS
priority
u=3,i=?0
5061910.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5061910.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c313eec4e95dde04ddcc53a36b3a6a2cc8920d7342347fbe9528c21c899bb178
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Mon, 13 May 2024 16:57:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 92046B4CAD2D4E129E32FDF58B5A317C Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:14Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
onetag.js
www.hlserve.com/Delivery/ClientPaths/Library/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hlserve.com/Delivery/ClientPaths/Library/onetag.js?cid=1204
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::20 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
52dc22b382a72ffbcdef12abf7989ee5b495615291f994455543e366485139fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 16 Nov 2022 14:15:59 GMT
server
nginx
etag
W/"6374f09f-9cae"
content-type
application/javascript; charset=UTF-8
cross-origin-resource-policy
cross-origin
rm.js
d.criteo.com/Delivery/ClientPaths/Library/ 		786 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.criteo.com/Delivery/ClientPaths/Library/rm.js?a=9137&1948850516
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7b26f488918984eb6994ec65b7b50646a9d531ef371ea1cf19e099eb539cb048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 09 May 2024 19:06:04 GMT
server
nginx
etag
W/"663d1e9c-c4701"
content-type
application/javascript; charset=UTF-8
main-v1.js
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.js?v=547064
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
79bb9daacad4452d5b73011c68f6de54b945524e6d510285ec4cd7f92febdd49

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Tue, 06 Jun 2023 16:24:39 GMT
Server
AmazonS3
x-amz-request-id
2AP578Z8MJ6WKDMN
ETag
"be570b28d341e20041a42ab1910e3935"
x-amz-server-side-encryption
AES256
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
2065
x-amz-id-2
T06RM3AP+WwQmLFhd9hEYVvZtBkMCg27lqH3OmHYwgBnGJhMslMke2oVzg3GAGcQQ0vtgxmbzIY=
client.js
cdn.richrelevance.com/dashboard/applications/clientjs-dev/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.richrelevance.com/dashboard/applications/clientjs-dev/client.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
08c131c726ad751575689b7a8f9c6e4b1368e9c140a189ffb791ae3b66c5f933

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
x-cf-tsc
1709792175
content-encoding
gzip
x-cf3
H
cf4ttl
31535994.000
x-cf1
16087:fA.ams1:cf:nom:cacheN.ams1-01:H
x-cf-reqid
c1a92561d9f988107c63261a18d7609f
content-length
7330
x-cf2
H
last-modified
Thu, 07 Mar 2024 06:08:57 GMT
server
CFS 0215
x-cff
B
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-cfhash
"917929e1f25f2648837d7e046296ab8c"
cf4age
6
accept-ranges
bytes
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715372383782&cv=11&fst=1715372383782&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
5f99c005dd202da6c4c0b7ca627edc0fa813529e25a84e0851e9d5647c08b15f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1719
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715372383897&cv=11&fst=1715372383897&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
4a8e570d68bb13a568a252c13b616b519eb273fcd2e9465b7044f9fc8a69f430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1747
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715372383947&cv=11&fst=1715372383947&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
2b4b9629fd3b6420475f7537fa1e01d73f0e08f7d45f6a6687c28024c187f140
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1760
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p13n_generated.js
recs.richrelevance.com/rrserver/ 		42 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recs.richrelevance.com/rrserver/p13n_generated.js?a=c85912f892c73e30&ts=1715372383668&v=1.2.6.20240208&ssl=t&p=6152&n=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto&pt=%7Citem_page.rr1%7Citem_page.rr2%7Citem_page.content_banner_mobile&s=29136db4-8bdc-437f-a229-7ae5c5a7d8bd&cts=https%3A%2F%2Fwww.epocacosmeticos.com.br&pref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&rcs=eF5jYSlN9rAwNzFMtTA307VITTPRNTFOStY1MU1K1E0zNTNOtrA0TDVIM-DKLSvJTBEwNDcw1zXUNQQAlEcORw&l=1
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f07378fad86ad1f83dcf1c8a428863fbe93f9352be3dc00297bb93fa716259ce

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
zstd
CF-Cache-Status
DYNAMIC
Server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="http://recs.richrelevance.com/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
Content-Type
text/javascript;charset=utf-8
Connection
keep-alive
CF-RAY
88342fbd6c191af8-AMS
Content-Length
5501
widget.css
rate.trustvox.com.br/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rate.trustvox.com.br/widget.css
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51db7b392bd063f3109cb75e343b29cdcb891bf2beeabe4437969a5bd60f69ec

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
cf-cache-status
HIT
age
169
x-guploader-uploadid
ABPtcPqg7Yg__Y9Y_x69sgCl9u9b-TOFVMGBwqtrD0G3Ew-jPtm3cFvPYSd-qg3veATZVGZ4ab-h4kkCzA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 04 Jul 2023 02:47:23 GMT
server
cloudflare
etag
W/"3d149247212fddd3c92e7e1aac940a6f"
vary
Accept-Encoding
x-goog-hash
crc32c=2Xv/sQ==, md5=PRSSRyEv3dPJLn4arJQKbw==
x-goog-generation
1688438843463434
content-type
text/css
cache-control
public, max-age=14400
x-goog-stored-content-length
8761
cf-ray
88342fb5fd536702-AMS
expires
Mon, 13 May 2024 20:57:13 GMT
products_rates
trustvox.com.br/widget/shelf/v2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trustvox.com.br/widget/shelf/v2/products_rates?codes[]=6153&codes[]=6154&codes[]=19586&codes[]=21336&codes[]=22064&codes[]=31292&codes[]=42509&codes[]=50111&codes[]=51037&codes[]=51502&codes[]=55064&codes[]=55778&codes[]=6152&store_id=393&callback=_tsRatesReady
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642f9a402653c32a5a25e89891fe52320483539e2e9e4f5b55a46cb9433afd39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
6f22811643d0ea94f2596128dfc9fbe4
x-runtime
0.028540
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"642f9a402653c32a5a25e89891fe5232"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
88342fb5ed326702-AMS
expires
Mon, 13 May 2024 20:57:14 GMT
droz.css
chat-app.meudroz.com//v1/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com//v1/droz.css?v=1
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47bb1e860b10c1705406bb14f24fe00ea5422b7cf9c83cb99f373095cd7fc8c1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6332
cf-polished
origSize=10056
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"10056-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2nu5kXd5LZuXqJasQxbBK4MOlP7l5I4ZU5UHYm8YJWqjyvRYDzFvcXkV6QQXQffJqqbM14OBwG8UcS9bReBMn39liVpJK0oM%2BG5pQAmKQtyz8ey7SBsWG2UysEIYq5N2tgeKB3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb5edce6643-AMS
priority
u=0,i=?0
css
fonts.googleapis.com/ 		6 KB
1020 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
437989feebcf325430945e4224d167e7660faa3f4f09c7330807f1d49031c405
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:13 GMT
main-v1.css
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		31 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.css?v=547064
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e7b26a6b26ac59880286ea3a557b4f1a64f81091dca9573f3748c1d70d7c1c9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Wed, 14 Apr 2021 19:06:50 GMT
Server
AmazonS3
x-amz-request-id
2APD9F3ERRDXTNSQ
ETag
"08c3ac04f0cac20811f3ccf85c43035a"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
32063
x-amz-id-2
ng7Zr/ZV887qZ8cStJsR5P2q9Jt2juTQm5yqLtrIzMK3pmxOlbjVZ+XOQCq5Q74vJdJUNubOyxc=
script-standout-epocacosmeticos.js
s3-sa-east-1.amazonaws.com/assets.standout.com.br/js/ 		28 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/assets.standout.com.br/js/script-standout-epocacosmeticos.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c494bfba2677dc79490866f69a66adf9ba9435f79153dd12d3d4188d7e0d1664

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
x-amz-version-id
MG1VZ2CkgyQAp8m6USso9FYJST5KcK_r
Last-Modified
Fri, 23 Feb 2024 19:51:44 GMT
Server
AmazonS3
x-amz-request-id
2AP3C7TPRDVKZ4KJ
ETag
"fcf8b6f637a42d35df9d51c5ce6467a1"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
28970
x-amz-id-2
ehFofltOYUTvdR75f/JDLUN3uyvHqKA2F3WulH7QR50JtSDWknCAZ4qNKzBytM9Ki1aNPXYbDNc=
hotjar-700264.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-700264.js?sv=6
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
bd884404c1bb5915f953c7f3e922982d6b26448a78a8b3445b15c2641aeb1115
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 13 May 2024 16:57:15 GMT
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/725d601b52275eb0ad12cd3b1b718473
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
RjPxI9qkPJdmvoUGLZaqHqHuwXxpWQIbZpNuIcUjcfqWdO-bpnXBxw==
modules.1a30a0a67c3c23c13060.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 11:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
538389
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55860
last-modified
Tue, 07 May 2024 11:23:47 GMT
etag
"2fd6012f850b43dfffc8cb9291fc5153"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Llldv4u2jdPeGqugHTr2dlGvOwWymd3e5HMfngH1e2B8uXscUa9fsQ==
vtex.js
collect.vendavalida.com.br/helpers/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collect.vendavalida.com.br/helpers/vtex.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8a7a136b999c64141510a7c12520e926ad6eb92bbca0fa463bfd28a60329d5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=2592000; includeSubDomains; preload
age
10368
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715551185&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FVBmYD8tlyfUOCA%2F7wcMgEMl59d86dTUJClD5j6EcbU%3D
cf-bgj
minify
last-modified
Fri, 10 May 2024 20:55:26 GMT
server
cloudflare
etag
W/"1caa-18f644a0e30"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715551185&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FVBmYD8tlyfUOCA%2F7wcMgEMl59d86dTUJClD5j6EcbU%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=28800
cf-ray
88342fb92bfbb8f4-AMS
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715372392807&cv=11&fst=1715372392807&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
aac13c04ae6bee5e8536f0359c216f60d5ae0b6cec116453c6bdbe5f4c9dfb58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1809
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715372392844&cv=11&fst=1715372392844&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
fea06c2e49a307a978b97e2059cb8deea0ec20e4993f065793fd86a822bc245a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1821
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715372395912&cv=11&fst=1715372395912&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
420f40e04f3d03bfd914c4346211579075b970a9f3ec414a5c5519080d10b8c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1810
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715372395950&cv=11&fst=1715372395950&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f417f310514e1822d6eadbaf2adfa57c4c5c0761b31c76c8fa637f686f8e2433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1818
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sincero.css
static.trustvox.com.br/sincero/css/ 		62 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.trustvox.com.br/sincero/css/sincero.css
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c20b6db9a18d0e9a11f16fa05f90666dc839c12771dabea5c8ff7e9b3ffa6d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3968
x-guploader-uploadid
ABPtcPr6mvwaXvdkon6fZkkIez1mbJD6csy4IR0vt9sRAW6ugntrmAEHvZB3Ow2U-3rLQx7BkBw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
8653
last-modified
Mon, 22 Apr 2024 17:30:29 GMT
server
cloudflare
etag
"dafc8a7e4df36f90774110eced9a5779"
vary
Accept-Encoding
x-goog-generation
1713807029663149
content-type
text/css; charset=utf-8
x-goog-hash
crc32c=2+H6oQ==, md5=2vyKfk3zb5B3QRDs7ZpXeQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
8653
accept-ranges
bytes
cf-ray
88342fb72ed76702-AMS
expires
Mon, 13 May 2024 20:57:14 GMT
rm.js
d.criteo.com/Delivery/ClientPaths/Library/ 		786 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.criteo.com/Delivery/ClientPaths/Library/rm.js?a=9137&1220507943
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7b26f488918984eb6994ec65b7b50646a9d531ef371ea1cf19e099eb539cb048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 09 May 2024 19:06:04 GMT
server
nginx
etag
W/"663d1e9c-c4701"
content-type
application/javascript; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715410880110&cv=11&fst=1715410880110&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
13898b3430ffed25d26e944d6bdcd5dc561430cad7d5b70fa154fbf10fdb6668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1476
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715410880254&cv=11&fst=1715410880254&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
8916db21bf524bfb76ba78a33fb9a5638e5f10621a54ece2ef49839af11a72b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1478
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
droz.js
chat-app.meudroz.com/v1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=564343
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"9936-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CyOmF%2BjXFc%2FXyFtJJMRq2eXfLYSdz1hCzCRH%2FmKi7ZOLXnAtv4f44kutJFacEK5uc5JpBC%2FOdiNFV7QkHfO4qZ7HFqni2fxTKMM5pcjX3Q2M1pp9vr96XLBo0WHVUp5P5Ua9w3RXIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fbb5ca96643-AMS
priority
u=3,i=?0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715410880506&cv=11&fst=1715410880506&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
60f7a30c638763dc8d8e0e8ebd1008b4970e3f9d273b8a7cd745a8172d9d4c7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1488
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715410880565&cv=11&fst=1715410880565&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3ad1a8004ccc87deaa36d30fe241d985cf6111458f2128112db05a045c468a01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1498
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715410880616&cv=11&fst=1715410880616&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
55b9fc812c9f6b89f00c9fc77fa4c7436fc71502de96793e062f363ad4d21789
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1510
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
droz.js
chat-app.meudroz.com/v1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=467475
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"9936-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wA5NLZExAELJm9aMqDcPZx6dMh7YO4yR9yW41%2FAGL7nZcrOIMG6EJxwsROA%2FsDb%2B4WTm%2FyFjymaP8pg4rXTeXx%2B5p5hpXJE8n%2FPMbCONal4b%2Fe9fRkNu5C2ltrjAB2rjTx0MFzUyyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fbb5cab6643-AMS
priority
u=3,i=?0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715410881527&cv=11&fst=1715410881527&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f00494fa721dcc9d087913129292f53d7d3156b5a320cf620fef74b404b1e34d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1490
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/601624232/?random=1715410881556&cv=11&fst=1715410881556&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
63f91f5e1397e8e6052bef2914c1bc678dc94c6c901be9480f0b8229f53651ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1521
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/976458679/?random=1715410881602&cv=11&fst=1715410881602&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=4
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
a001fb7ffb3f8fe6c4102085452ef0d5214061a605f5eaa7c10988307eea21bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1532
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
chat-app.meudroz.com/iframe/ 		63 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/iframe/main.js?v=547064
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c02ad54dc396aa2e0bd9fecee4ea05461f1bc15ad6c752eb886458cf50bb91
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:48 GMT
server
cloudflare
etag
W/"64363-1713475908000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKYJFPMaFHXssWLwY%2BAR%2BuIGfJcsiCd7bhkBWghAA%2F3YaMHYF%2BHFxzQsWPiM3ehQLYSVseotDaOAOg1ntZMC7Y1htKGvCFE%2BLpFucDfo7tWVClm%2F%2FmEgtqAHQB5TiYyr76qzj1I6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb71f006643-AMS
priority
u=1,i=?0
js
www.googletagmanager.com/gtag/ 		221 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-601624232
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2ad1d5cc9d20f044f560c9ba2964e9fda2366cfe4fa8cc76b622ef44054e593
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81827
x-xss-protection
0
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 16:57:14 GMT
p13n.js
media.richrelevance.com/rrserver/js/1.2/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.richrelevance.com/rrserver/js/1.2/p13n.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b8b4e7893a40f6782b5e5e5de2cad9c0b490d68a796da1d7db2aef056a8deb0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 07 Mar 2024 04:49:12 GMT
server
cloudflare
age
54
etag
W/"d406a91ef53d2dfd04d4427a7faf5b32"
vary
Accept-Encoding
content-type
text/javascript
cf-ray
88342fb79d600c3b-AMS
epc-recommend-mob-fav.min.js
epocacosmeticos.vteximg.com.br/arquivos/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/epc-recommend-mob-fav.min.js?v=202405061900
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7882dc530c3e2fb67b7c6cafcad2a2cd57d161291303857053412dee934c4560
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 22:51:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache9
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 06 May 2024 22:04:46 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
age
240617
alt-svc
h3=":443"; ma=86400
content-length
6497
x-vtex-cache-time
0.000
last-modified
Mon, 06 May 2024 22:00:44 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
kSdzWo6AvVDh0VNBoEdykq0xfk3tgLhtUPG4ccUzNqcepv5TzA4qBw==
truck_icon.png
epocacosmeticos.vteximg.com.br/arquivos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/truck_icon.png
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
74b8bfea46d182a7b8825ee96236a209ffc2b87ba2308321a93a4fb2694d7269

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:16 GMT
x-vtex-cache-server
apicache7
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
118
x-vtex-processed-at
Mon, 09 May 2022 21:02:35 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
1210
x-vtex-cache-time
0.007
last-modified
Fri, 21 Feb 2020 12:32:57 GMT
vary
Accept-Encoding
x-vtex-cache-backend-header-time
0.008
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
REVALIDATED
x-amz-cf-id
sQt2jXQnUmPIQfhzoqaERKdnSTTxo_65UUH3joCubehyLQ0cdfsz7w==
x-vtex-cache-backend-connect-time
0.000
logo_epoca_cosmeticos.jpg
epocacosmeticos.vteximg.com.br/arquivos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/logo_epoca_cosmeticos.jpg?v=635576213510430000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2498922a7f4ef7c4d5b86f7c7c7b61bd400326b5c156dd892b167c5c56c453d0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 07:22:28 GMT
x-vtex-cache-server
apicache18
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
34486
x-vtex-processed-at
Wed, 09 Aug 2023 16:19:04 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
2044
x-vtex-cache-time
0.003
last-modified
Fri, 23 Jan 2015 14:49:19 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
GSqs3LjwEkzBWNJ74fGiZ7mfnZJUrKb9Z2Pbq3KcaIRdHVP0qlDT7A==
acessibilidade-40-40.png
epocacosmeticos.vteximg.com.br/arquivos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/acessibilidade-40-40.png?v=638037960872770000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
810d32474ba7f5993625e0e225d2d693deb98ca0bd96687f6b845a2d668e0902

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 07:36:40 GMT
x-vtex-cache-server
apicache14
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
152627
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Tue, 29 Nov 2022 13:25:23 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
1819
x-vtex-cache-time
0.000
last-modified
Fri, 11 Nov 2022 20:41:35 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
buUyvq6Mp6BwiIJzbn50Pp569aA7AP0prSTdzifQZ7l_6C6hKHZ-og==
banner.png
promo-quemdisseberenice.com/quiz-maybe/premio/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo-quemdisseberenice.com/quiz-maybe/premio/banner.png
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1cf3ee72579641265af314d39ff9de330852472987ccd15fdcc55c8eea45ccf

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
cf-cache-status
MISS
last-modified
Fri, 10 May 2024 15:26:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a881-6181b280cf02a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cZb0kTuxliXHsDajiZx6iOavtYXxubHwGe15DwYhs0kzH0EyPwgKcdmU0TWtJDzEcq%2F1WmtY2N%2BIAQbFv%2FseUAOe6KKU35fNqhtE3OSq6yQf6YkS8HKshj2WgE4Ppm6DxcYN66n%2B0X5tJeejO8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88342fb74ff59fc4-AMS
alt-svc
h3=":443"; ma=86400
content-length
43137
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-4.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467697-500-500/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467697-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-4.jpg?v=637740434060300000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
50eabe06389ff423e278bfa271f67314243a3d48d692a7d6f0ca227bb9e104c5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache4
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 21:05:24 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4918
x-vtex-cache-time
0.000
last-modified
Thu, 02 Dec 2021 12:03:34 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
Ej6vn57NvVi7xgcQ8vw4C7_44dS83hhe4bVEAQ0368ZVI67phN8IIw==
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467694-500-500/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467694-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom.jpg?v=637740433670030000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
1806237c0a8921c2a82387b39f689875d57ebf4ffc7830591d6871dfbfc9e6bf

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 06 Jun 2022 21:39:35 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
20944
x-vtex-cache-time
0.003
last-modified
Thu, 02 Dec 2021 12:02:55 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
bMey1dvNQNbwBS9ri2O2HDI-UQAPataXBE0P0954TCaRsmBYy870lw==
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-2.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467695-500-500/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467695-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-2.jpg?v=637740433797800000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
13cf82a2d5030c083ce6ffdfb29eddb35a31d982e8a54a95a2d9e2440d812041

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache17
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 15 Sep 2022 16:02:52 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
7872
x-vtex-cache-time
0.004
last-modified
Thu, 02 Dec 2021 12:03:07 GMT
x-vtex-cache-backend-header-time
0.004
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
REVALIDATED
x-amz-cf-id
aVUZSixNd5xN_4xHoPZJ-5wjh6JZi7BH-5KyZosG56DpV71Leh7bQQ==
x-vtex-cache-backend-connect-time
0.000
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-3.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467696-500-500/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467696-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-3.jpg?v=637740433913570000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
5e9a6f78de7e218c337dea8b60dd5386645c656a02e9fd18616d1fd68e708568

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 06 Jun 2022 21:39:35 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
7934
x-vtex-cache-time
0.000
last-modified
Thu, 02 Dec 2021 12:03:19 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
ikOJ9_Rmkxh0qIKScNGegMJj58JIIhubWIAVJb3Iys5rr2JsuLtXKw==
brinde-maybelline-kit-presenteavel-ny--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/555377-120-120/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/555377-120-120/brinde-maybelline-kit-presenteavel-ny--1-.jpg?v=638217531472970000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
51c18fb0e93cbbb62df0e861a904575c7fcb5d3bdcff7c4025fd5ac04e0042c1

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache7
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Tue, 07 May 2024 03:31:16 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
1536
x-vtex-cache-time
0.002
last-modified
Wed, 07 Jun 2023 16:45:55 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
aoVoXHhWvr2bGZFDKwD0NLNqNZU4j7MGjw_y8dO4fehCdidqo7feiQ==
554260_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/554260_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
d4e929c91c53f1ae75502a8e9eaf1307d2d9e9792e84a4c73f140882138129ef

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:19 GMT
x-vtex-cache-server
apicache14
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
115
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 25 Jan 2024 15:12:30 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
5716
x-vtex-cache-time
0.000
last-modified
Thu, 01 Jun 2023 12:55:25 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
56NQb97pqMz2L-gFFYE1vPtFkZc12cOZO6NePcqVg0wgeUz7Gf8OCw==
564646_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564646_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
be06f65b0d196fcb058b74eb3f402324c5a093d756f19aa2faceffb2c7bf708d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Sat, 11 Nov 2023 19:47:12 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4858
x-vtex-cache-time
0.000
last-modified
Wed, 16 Aug 2023 12:38:53 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
dB2qmbiTRFLsiGWtWYKtiprkqHEh_V0WZTMhYGL2zIvF3fRZJ8_g9Q==
564455_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564455_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
1bdacc95db59bc5c6286f3bf6a088065977f56cd9b103a318476d955e33db484

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:19 GMT
x-vtex-cache-server
apicache3
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
115
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Sat, 11 Nov 2023 00:00:16 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4742
x-vtex-cache-time
0.000
last-modified
Mon, 14 Aug 2023 16:52:49 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
rgrO9l-UE_5t73eSAa6MKey62wVHOVXVr9VtHyTIsRopHHVBxQZX0Q==
KFOmCnqEu92Fr1Mu4mxK.css
epocacosmeticos.vteximg.com.br/arquivos/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/KFOmCnqEu92Fr1Mu4mxK.css
Requested by
Host: epocacosmeticos.vteximg.com.br
URL: https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
98c6b5b72ccc31d05844ac700dec939533a17afbff7a3e51d3e1152d4e4d09ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache8
age
1783
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 16 Jun 2021 19:20:10 GMT
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
x-vtex-cache-time
0.000
last-modified
Wed, 09 Jun 2021 13:39:30 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
WximIfrRQGjk6qERhQhJGe6JcBeiIkzgC9MqoLrKJXwvZOhCahSWeg==
page-views
af-origin.vtex.com/api/activity-flow/ 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://af-origin.vtex.com/api/activity-flow/page-views
Requested by
Host: activity-flow.vtex.com
URL: https://activity-flow.vtex.com/af/af.js?v=1.0.0.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.83.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-83-9.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 16:57:14 GMT
server
awselb/2.0
access-control-allow-headers
Content-Type, Authorization, Content-Length, X-Requested-With
content-length
0
access-control-allow-methods
POST,OPTIONS
content-type
text/html; charset=utf-8
getProfile
promo-quemdisseberenice.com/no-cache/profileSystem/ 		289 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/no-cache/profileSystem/getProfile
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUCbn2nfTg2dhUz7%2BMOf%2BQdkn%2BWBxSC3c9aUzToYy6z4OcecL1dYQuR3KW2zJSwNJgjwWaWXwwevwzH3wqTtK8X%2FDCcuNrErMKuGee3xRwnz%2Fa%2B26j4HMqjDjybP8ulEqwWtOJRWDd4xliwjc9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fb7580f9fc4-AMS
alt-svc
h3=":443"; ma=86400
589041_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/589041_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
69952c1defd9897b5611e32c51331e4ab985e3d8b3fad54f0c0a149647c92ad9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache7
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 15 Feb 2024 01:33:24 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
5896
x-vtex-cache-time
0.000
last-modified
Fri, 12 Jan 2024 18:23:35 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
S88ggUYuH6N_UNG2F3-2zJFAmfj3arbelE24QI1qtvNVactdFU1aHA==
564657_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564657_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
81cc7b233791c4d3075b5d154876b70b11c27296f5da08bb6d5b2919ec74643f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:19 GMT
x-vtex-cache-server
apicache18
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
115
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Fri, 10 Nov 2023 23:25:10 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
5410
x-vtex-cache-time
0.000
last-modified
Wed, 16 Aug 2023 12:47:16 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
fMJKIZvz-WfJ8UYPZNibRO0gSn9L0mwIm8BE-xhTrAdpyu1TbBBjCQ==
564637_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564637_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
2b60968bc284a4ceda9275d30adacce5291aec401811f086bdd5e19388078c00

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache9
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 18:19:47 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3310
x-vtex-cache-time
0.000
last-modified
Wed, 16 Aug 2023 11:58:03 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
E9Jn7cf1Drl5MS5mtmV4j3ZXb-427jC4i_QrxBClpkiVc_B_Ae0F9w==
554234_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/554234_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
0a32efb04949de6ac3bbc515350c363587f3632f56d7f65ddf4a95899f490b13

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache7
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Tue, 26 Mar 2024 11:53:26 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
6042
x-vtex-cache-time
0.000
last-modified
Thu, 01 Jun 2023 12:33:10 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
N6QkNdMiIEI5BjLZPRDDSS0gDabokVpgJixK_qsbUbgLDjIMvfGOCg==
base-liquida-niina-secrets-by-eudora-hidra-glow-45.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/406538-300-300/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/406538-300-300/base-liquida-niina-secrets-by-eudora-hidra-glow-45.jpg?v=637383638653470000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
b0ca5f6fc10633e6e48e8c671f96158bf88f0b55cf1af8403d0d2a57bc2609db

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 11:36:43 GMT
x-vtex-cache-server
apicache17
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
19231
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 01 May 2024 11:12:38 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3254
x-vtex-cache-time
0.000
last-modified
Thu, 15 Oct 2020 13:04:33 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
JOQQxomEXBF-bC2cN4coiZuKMkoXurkedgy2aDZC1_9_YWmSRGIQ8A==
3106.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/265372-300-300/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/265372-300-300/3106.jpg?v=638240099902300000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
89408df3bdee538e056f7f14b02a70197d73b0e7ee3d44bca8a5fe0855b1f86e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 04:15:12 GMT
x-vtex-cache-server
apicache3
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
304921
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 03 Jul 2023 19:50:23 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3656
x-vtex-cache-time
0.001
last-modified
Mon, 03 Jul 2023 19:39:58 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
jfyEb95qc-51PKBZLD8eHk5EMvD-Hc2k1fTakbHCOrsmEFypISaKRA==
Mascara-de-Cilios-Colossal-Super-Filme-Maybelline.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/441786-300-300/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/441786-300-300/Mascara-de-Cilios-Colossal-Super-Filme-Maybelline.jpg?v=637613054031130000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
9909cacc4ffffc1bbbf3231bdac4b533f481fd5d13919ed11cf34910e2147f99

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 00:56:39 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
144035
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 08 Jul 2021 10:23:57 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3642
x-vtex-cache-time
0.001
last-modified
Thu, 08 Jul 2021 01:43:31 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
S-ABJU223crP9qgp_8x3w36j4Mjk5pKC5IydPmWTa-2xEQwS_CSvWQ==
7899026456051_2.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/595090-300-300/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/595090-300-300/7899026456051_2.jpg?v=638447475276070000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
e98e8c5a981aa8a0e8b847397442dfb434f978bbc895bea2dc9759a03cc8c1a0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 16:55:55 GMT
x-vtex-cache-server
apicache4
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
11828
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 18:45:23 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3000
x-vtex-cache-time
0.087
last-modified
Wed, 28 Feb 2024 20:05:35 GMT
vary
Accept-Encoding
x-vtex-cache-backend-header-time
0.084
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
MISS
x-amz-cf-id
A2aZw1EfMEmZP1bL_8_WOmKjFbFdXzVAJ6g-ifgPDYKUme2xMT-Jvw==
x-vtex-cache-backend-connect-time
0.000
Corretivo-para-area-dos-Olhos-Maybelline---Instant-Age-Eraser---Honey--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/490932-300-300/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/490932-300-300/Corretivo-para-area-dos-Olhos-Maybelline---Instant-Age-Eraser---Honey--1-.jpg?v=637895099476000000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
e136bc820e6b104809f4b947de619974cb3bbb777e33b0a349bd2529b99c873e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 04:38:54 GMT
x-vtex-cache-server
apicache18
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
303500
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 09 Aug 2023 17:29:25 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3590
x-vtex-cache-time
0.000
last-modified
Mon, 30 May 2022 12:19:15 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
A_6Gr4Aghloq6QYbqzKjcP3v14Z5l1pose8o1qJO4mY1LketGHxcWQ==
contorno-cremoso-em-bastao-mariana-saad-by-oceane-contour-stick--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/529103-300-300/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/529103-300-300/contorno-cremoso-em-bastao-mariana-saad-by-oceane-contour-stick--1-.jpg?v=638083479590830000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
4c805e6e97b6a55de798c133f980b2672eb3d869b8b43cfda24c5978b7c3aca4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sat, 11 May 2024 19:01:28 GMT
x-vtex-cache-server
apicache3
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
165346
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Sat, 14 Jan 2023 09:48:44 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3348
x-vtex-cache-time
0.000
last-modified
Tue, 03 Jan 2023 13:06:07 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
exlBg6f7zPMs_u_lP4dyHZoPww6uEPQIgNfJOd0H6vqk1qkm3nJ7Gw==
mascara-love-extreme-crazy--1---3-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/564455-300-300/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564455-300-300/mascara-love-extreme-crazy--1---3-.jpg?v=638276287611800000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
a385ab3c0442344e34719c73222f63ffd5a784b2ed6ce0cdddac7be8abdea22d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Thu, 09 May 2024 19:03:11 GMT
x-vtex-cache-server
apicache6
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
338043
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Fri, 10 Nov 2023 14:19:28 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4306
x-vtex-cache-time
0.000
last-modified
Mon, 14 Aug 2023 16:52:49 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
2aiiCio_0M6FxdTjqNZkeXef6TM6OruiLk8ataTkQFjCHntXNffRAg==
base-mate-boca-rosa-beauty-by-payot-9-aline.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/476526-300-300/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/476526-300-300/base-mate-boca-rosa-beauty-by-payot-9-aline.jpg?v=637806159772700000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
8488d4da88057270872f1cf8bafc178b50ff9a72911fcda29c73ee3e966e6a7a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 11:44:15 GMT
x-vtex-cache-server
apicache5
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
18779
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 21 Mar 2024 19:38:16 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
2488
x-vtex-cache-time
0.000
last-modified
Wed, 16 Feb 2022 13:46:25 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
_iGdnWSFwx1mx59z4Pq6Za8J7cTexMJTmICL6QAtAQqP4FhSYHg7Vg==
corretivo-liquido-ruby-kisses-under-eye-corrector-15.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/489473-300-300/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/489473-300-300/corretivo-liquido-ruby-kisses-under-eye-corrector-15.jpg?v=637885676416500000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
d993a79cfddad69a9286cff5f091c7aa38036f2d51bf69dd168a540dba749d04

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 14:22:08 GMT
x-vtex-cache-server
apicache11
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
50065
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 11 Apr 2024 13:58:04 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
2634
x-vtex-cache-time
0.000
last-modified
Thu, 19 May 2022 14:34:09 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
aWrCK_opNpA9JqqLCgySFDUAQDe4ut6uS9FHLM3x_Lntccn8pz-heg==
flat-blend-oceane-esponja-para-maquiagem.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/263357-300-300/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/263357-300-300/flat-blend-oceane-esponja-para-maquiagem.jpg?v=636621656097530000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
4eb65885f9c62846cb2e441d559794ce03193883083598fef6dd7e2c44f68395

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 06:04:10 GMT
x-vtex-cache-server
apicache14
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
298384
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 30 May 2022 15:13:56 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
5214
x-vtex-cache-time
0.000
last-modified
Thu, 17 May 2018 14:53:37 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
S66865_pbuCCaqg7EDKSHkDo8EuSQrIMHQCGWgKef_WTX7PhoZslHA==
mascara-de-cilios-maybelline-lash-sensational-sky-high.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/484257-300-300/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/484257-300-300/mascara-de-cilios-maybelline-lash-sensational-sky-high.jpg?v=637859629882030000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
b4c87a4b9f8e124c7199d1ab3abb288e975092a6f536496b69dc65b3c2eab589

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 00:56:39 GMT
x-vtex-cache-server
apicache14
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
144035
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 08 Dec 2022 17:00:51 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4918
x-vtex-cache-time
0.001
last-modified
Tue, 19 Apr 2022 11:03:16 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
rhVk-a4f3hCORmUT4Qld9cYit42QH5kwk3rffnmDncg3eMPITxFezA==
real-techniques-kit-10-pinceis-bolsa-travel-fantasy--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/529139-300-300/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/529139-300-300/real-techniques-kit-10-pinceis-bolsa-travel-fantasy--1-.jpg?v=638083674547930000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
7a015a9bf34c47268643dbf07ae3961daaff3157bd225a94caaa0589d1f6e553

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 17:46:05 GMT
x-vtex-cache-server
apicache6
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
256269
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 04 Jan 2023 01:03:26 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
9208
x-vtex-cache-time
0.002
last-modified
Tue, 03 Jan 2023 18:31:02 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
3zWW1JhZJXW0JUHI8_Lz0N0xCJYudO4M3YaY7UZbvwbeuVuNnCnj-Q==
corretivo-multifuncional-givenchy-prisme-libre-skin-caring-concealer--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/527511-1000-1000/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/527511-1000-1000/corretivo-multifuncional-givenchy-prisme-libre-skin-caring-concealer--1-.jpg?v=638073170631770000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
fe8c733145ffed84e3e2b484dbfb8c3c1912ed5892ff343f1f9e0e5f7648ba08

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 03:03:50 GMT
x-vtex-cache-server
apicache18
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
50004
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Fri, 08 Mar 2024 14:44:33 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
17114
x-vtex-cache-time
0.000
last-modified
Thu, 22 Dec 2022 14:44:31 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
3eeFYn9FLRTe9aeK3bNXU8uZPHsRVRyXN_LERZSD2Y419HI8l2eVuw==
po-solto-facial-givenchy-prisme-libre-loose-powder-n01.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/446211-1000-1000/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/446211-1000-1000/po-solto-facial-givenchy-prisme-libre-loose-powder-n01.jpg?v=637637039266130000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
b62dbc10fce192f0806a0a31f10fba8a2c875030a080dbdec9638406ce809b89

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 03:29:30 GMT
x-vtex-cache-server
apicache12
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
134864
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 28 Mar 2024 14:59:50 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
52804
x-vtex-cache-time
0.000
last-modified
Wed, 04 Aug 2021 19:58:54 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
XlhqUDbuw9suiAzHqHKX9WBiozijqOn9SxtrRJjnZllsvk_UJQAKUg==
3274872458376.2.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/579067-1000-1000/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/579067-1000-1000/3274872458376.2.jpg?v=638351612017170000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
ae1d59ddb29bed9e4400c841953b979211023752019f9de666f056f49dd3c71f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 03:34:01 GMT
x-vtex-cache-server
apicache4
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
307393
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 09 May 2024 02:21:57 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
13746
x-vtex-cache-time
0.000
last-modified
Thu, 09 Nov 2023 21:13:29 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
gdrbny9nCv7-lIaDQqbTSKoZ7bGUDEViIs2rSJEmyv8wihrfedbOlQ==
po-compacto-givenchy-prisme-libre-n03.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/504540-1000-1000/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/504540-1000-1000/po-compacto-givenchy-prisme-libre-n03.jpg?v=637968636058630000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
bc351362281d37d8ed19acd66323afb821bf3a72c5db711d8709e32473618595

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 03:29:29 GMT
x-vtex-cache-server
apicache6
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
134864
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 07 Feb 2024 03:02:10 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
69364
x-vtex-cache-time
0.000
last-modified
Tue, 23 Aug 2022 15:00:13 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
Xt3u_Y-jNpYyH0YusXYR6vSkDuj2HNHJTFv7oyLEs-QG2EE-_jRXvg==
base-liquida-givenchy-prisme-libre-skin-caring-glow-n280.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/446168-1000-1000/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/446168-1000-1000/base-liquida-givenchy-prisme-libre-skin-caring-glow-n280.jpg?v=637636997886470000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
3320c00131ba3f97b68fb9372b7124fd8ee19260566d7c43c4930a13af1e1d3e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 03:29:30 GMT
x-vtex-cache-server
apicache12
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
134864
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 03:02:37 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
12892
x-vtex-cache-time
0.000
last-modified
Wed, 04 Aug 2021 18:49:56 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
1cjnNZYFsxuAn3O-22R22NP323n_ZCehEmkgmJtS2bif0k6cRaEHcA==
batom-givenchy-le-rouge-interdit-intense-silk--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/527663-1000-1000/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/527663-1000-1000/batom-givenchy-le-rouge-interdit-intense-silk--1-.jpg?v=638073929316000000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
d31b9a0d12f3d7745943404e597674300af2c98bf6d4dda0f34fc25f67b2bba2

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 03:53:09 GMT
x-vtex-cache-server
apicache14
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
306245
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Sun, 17 Mar 2024 03:02:31 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
45610
x-vtex-cache-time
0.000
last-modified
Fri, 23 Dec 2022 11:48:59 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
6Y5BIBzyw2FdI9WBKxuoywJJ8BPWqLMCYr5LzJDRsM09lIZZERgyIQ==
email-decode.min.js
promo-quemdisseberenice.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 08 May 2024 09:31:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"663b4689-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdSuCPmJZh99KMvVdvarDkh53yfy6BlERy0ylnhjb%2FF9RpReH2bQ3c%2BsgTaPO0mk8VQwJp%2FvSZ9n%2F8JBqL1Hl3ASAGGzjm%2FL7MYoMA4%2BuFf1lBJWKsYLsHWJZ%2FSmgQlP%2BG51fMjhHxRCg5TfeIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
88342fb7f9299fc4-AMS
expires
Wed, 15 May 2024 16:57:14 GMT
lightslider_pdp.min.js
epocacosmeticos.vteximg.com.br/arquivos/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/lightslider_pdp.min.js?v=202102021745
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sat, 11 May 2024 04:50:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache18
age
278968
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 09 Aug 2023 16:50:08 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4943
x-vtex-cache-time
0.001
last-modified
Tue, 26 Jan 2021 19:30:28 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
J6hzOdT3o2U6WTzrhWwe7SRyttnjXK9zcsepi9DV48CFYAkEZArJHA==
lightgallery-all_pdp.min.js
epocacosmeticos.vteximg.com.br/arquivos/ 		55 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/lightgallery-all_pdp.min.js?v=202102021745
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
2cd2ec168323d5ec03c4ffdf6a4d8b83bcbc6b591232bdf2951f19172578bd6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 03:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache16
age
306273
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 14 Sep 2022 01:29:27 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
x-vtex-cache-time
0.000
last-modified
Tue, 26 Jan 2021 20:08:37 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
x5HAJ8nU_tCFRgjCJHEe6dak34apkGVXjN4L8RazLaVq10LieRsudQ==
product-v2-mobile.min.js
epocacosmeticos.vteximg.com.br/arquivos/ 		233 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.js?v=202405061900
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
59438fb23b7eaefa5c4c6e06e9da8380a8b98775addf6ccbd910fd1594a2b19a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 22:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache7
age
240617
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 06 May 2024 22:04:45 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
x-vtex-cache-time
0.000
last-modified
Mon, 06 May 2024 22:00:01 GMT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
j7dDY5BuZOYYh2GbgR3SPe5Qn4mjBJM05ezRxLQfSxquNnVy0alvaw==
track.js
epocacosmeticos.vteximg.com.br/scripts/ 		648 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/track.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5e08a7eddc18ac40b56c2b46c23372ac36b950f021139500ea2312c1f31bcdf

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 09 May 2024 00:31:47 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
404727
x-amz-cf-pop
FRA56-P6
etag
"9f17653dab3e199aa0fb874c102ea20a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=345600, s-maxage=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
648
x-amz-cf-id
YE7Lu4U6AWx-aZWu7hPwUFEyrTbKgBvgkym6us1NsiRBOApMeYJLiQ==
thickbox.js
epocacosmeticos.vteximg.com.br/scripts/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/thickbox.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a226eb7eede60e23df1ae85ec07046d9bafc4b563616e91b5759550ec0e9d2ec

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 03:06:18 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
568257
x-amz-cf-pop
FRA56-P6
etag
W/"fae9071f3a783b7f0af657dd6af0b6c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
wB33oVMIf7Ss4oCLSU903hzOjNFEoBy8zOFqOyfCwvFRwPRmR73pGw==
json2.js
epocacosmeticos.vteximg.com.br/scripts/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/json2.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1e393ad944004b7412d76139dd4c998e98cd7e2eacdb8b4c879d7afefe703923

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 12 May 2024 22:24:12 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
474489
x-amz-cf-pop
FRA56-P6
etag
W/"539b1122dc0c921083580d84537d06ab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
52OW-S5JaFZN0wE2FsMvBLeOcpyuVU-cOPhHC3IVss-GiwCArL0bLg==
vtex.viewpart.callcenterdisclaimer.js
epocacosmeticos.vteximg.com.br/scripts/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.viewpart.callcenterdisclaimer.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2c0a73ed38272349b567a6d8d8349099fd4b79190f0166fbeed8a23124a032fe

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 12 May 2024 23:34:40 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
474489
x-amz-cf-pop
FRA56-P6
etag
W/"8de4c64ff686d75b72a303e5d5d66736"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
KZN8JM3PxZ9KPT4Cr82H-526WC4KgYy-29nQrB0S8hIZydAClol18Q==
vtex.viewpart.ajaxloader_v2.js
epocacosmeticos.vteximg.com.br/scripts/ 		688 B
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.viewpart.ajaxloader_v2.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
211b2d62a6e73bcf8c3e7c882bb44a822fe0c54458bf711058397ddb602dab94

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 09:06:04 GMT
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
546671
x-amz-cf-pop
FRA56-P6
etag
"049448a65648029f26aec31e7599228d"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
688
x-amz-cf-id
P4LeSni4yL_nnX_l1mAaayXRGgeKNMB9s0__uSdGyKyVPXumKzLOcA==
vtex-view-part.js
epocacosmeticos.vteximg.com.br/scripts/social/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/social/vtex-view-part.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7edecc697ee082b2ad36a2affd9b78ce6c42e5f6eac25f7c0d760044a2ad329f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 01:32:06 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:21 GMT
server
AmazonS3
age
489092
x-amz-cf-pop
FRA56-P6
etag
W/"35a3994452f3e06584ba3bb4b8ca88f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
PSQRkx7-LrmaP7Lb-s9SoVU6evBYUM5_DTXmBZ8pEOpzSIz7Q7FS_A==
vtex.viewpart.otherpaymentmethod.js
epocacosmeticos.vteximg.com.br/scripts/ 		1013 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.viewpart.otherpaymentmethod.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84572da5b7d7d1cb8f75ae283f9af0ecf24a76ab691ef90e23fa0ede12cacc9c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 04:07:38 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:12 GMT
server
AmazonS3
age
131649
x-amz-cf-pop
FRA56-P6
etag
W/"614243c314492e4db8bf03b3e1d095b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jH4AUVakUE8YaNm2cfv1h_Re87851BoV1BVWd3dZKWXG5hVUWb7ikQ==
vtex.jsevents.js
epocacosmeticos.vteximg.com.br/scripts/ 		2 KB
925 B 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.jsevents.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53c97d5d8f47cfc8913bffc97e2d1d29163471a22f99049f3900592be142e464

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 03:43:41 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
566014
x-amz-cf-pop
FRA56-P6
etag
W/"3bc31f2f1a1ed7afb01e3b9e5072fd1d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1nqXPcMnWXToqlxO5Fu0yvJgeqJAhGZ8TJMHqDhrSmFfjmY34Ly5Iw==
vtex.skuevents.js
epocacosmeticos.vteximg.com.br/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.skuevents.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d21ad4add89a439b784b232960ad1d6e5a80b0caa1e86278ffe9db2caeb88e3

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 03:42:40 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
474489
x-amz-cf-pop
FRA56-P6
etag
W/"b0ed48967214515d5935a93a58a348da"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
psmWh4lIPcNLzL76uCpsC7GsnT8F-_OURqLhJD2tJ6-y3r3kPXKq8Q==
vtex.skuevents.skudatafetcher.js
epocacosmeticos.vteximg.com.br/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/vtex.skuevents.skudatafetcher.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58d0e1d69b34fe90f5612bb0ebbfc23205535b152136e02ac11f17027df7343a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Sun, 12 May 2024 00:39:20 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
145075
x-amz-cf-pop
FRA56-P6
etag
W/"9483983c37ebb0b99e7bc7b87c0d974d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
R1UoBa9uUSp4g4-Oqu0cIrNADOrXKQ0fFdvOlQAMIDCtbJHcPGomZQ==
intersect.js
epocacosmeticos.vteximg.com.br/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/scripts/intersect.js?v=1.0.0.0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8971208a18d9a2743bb30fdadafd5d2f85ffb8779da91f34242d959e41f1615

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 00:44:14 GMT
content-encoding
gzip
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
last-modified
Mon, 12 Aug 2019 17:45:11 GMT
server
AmazonS3
age
576782
x-amz-cf-pop
FRA56-P6
etag
W/"2812ddad7e0b5f5eeb495aba4bfbda17"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
public, max-age=345600, s-maxage=604800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
_0s6g6C8gnw2zfIXaRUIERRxBjrDHqgT8RBPdawriAJ9erO-4MGZ0w==
ld.js
dynamic.criteo.com/js/ld/ 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=9137
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1d673ed4519e23c6d501a080fd1c47ca91046667f07d2a1e0d8582fba65281b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		258 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-976458679
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd738ebe6342e73063d0af3b66bf945a7e3e1dd9f3c5976044941c3cf346dcdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91162
x-xss-protection
0
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 16:57:14 GMT
btg360-2.0.1.min.js
i.btg360.com.br/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.btg360.com.br/btg360-2.0.1.min.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5c12fa2a2fdc26de649d2e849008083ee8671790948ba832c84d5a2cd5dbbc

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 19:40:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
TMV76N0HRHT5HE34
age
6404
etag
W/"479693e69031f0fcc929a4cf65dbe90e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0KX6R7%2Fw92TjVTJtiKlEfzZ4uxZm29ABYi6a%2F4Jq4q0N%2BUMj0utnHowLjN9EQqd6kVui7RIgsHe%2BzL9YumQi%2BaxIFXpf9FpDX%2BX5AGv9VfV4fY2rXSm2FKV4BdeAmuURM7HFJu8s3fPrZ%2BJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88342fbbffaf0e50-AMS
x-amz-id-2
TxxdW+Ny24pmJpansB9XM/LXduTfztAUqf/nr9J6rsukz3rwh5JRnkLqAvo/yZzZeAIe4N02Kuk=
0
bat.bing.com/action/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5061910&Ver=2&mid=27bc18ef-d50a-41dd-ad2b-7aa3bd615ab6&sid=d6dbefd00e3311efac1af37f99c9a500&vid=2509e57004fd11ef9614fb1de9d2901f&vids=0&msclkid=N&pi=0&lg=pt-PT&sw=375&sh=667&sc=24&tl=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&p=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&r=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&lt=2608&mtp=1&evt=pageLoad&sv=1&rn=920171
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1B37FD483C5D43658752038900AD1EBC Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5061910&Ver=2&mid=27bc18ef-d50a-41dd-ad2b-7aa3bd615ab6&sid=d6dbefd00e3311efac1af37f99c9a500&vid=2509e57004fd11ef9614fb1de9d2901f&vids=0&msclkid=N&prodid=49436&pagetype=product&en=Y&p=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp&sw=375&sh=667&sc=24&evt=custom&rn=998961
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B4C87AE586634F579B7789948CB345C8 Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon-minimized-20200918113245043-313.png
s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.png
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.165.80 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
406cb6f4517e483d3c94c50f38c4c291d3057c955a696685e97727edb75c5573

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:16 GMT
Last-Modified
Fri, 18 Sep 2020 14:32:46 GMT
Server
AmazonS3
x-amz-request-id
N8PK6E5MPR9EDX0N
ETag
"77696db7316beec9faa8a3ad481cc735"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1421
x-amz-id-2
H4ujMhlbezglhBVsXONaOWG8qwRwHwYL1j2t6vRLdUzMfCZ6XuBOSCpChULUxOHCVG29f8ijtoQ=
g.js
static.percycle.com/epocacosmeticos/ 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.percycle.com/epocacosmeticos/g.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:f600:f:5081:d8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2f6018fd92177216c51daee33a41a82af1b556c64653ff2a57a247d1039788f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 03:39:24 GMT
content-encoding
gzip
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
x-amz-version-id
Y1zNUyIvk25F1Z9Uc22wbgJav_Omp9FH
last-modified
Fri, 05 Apr 2024 00:11:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
47870
etag
"4d964f2ef4173bfe1b594ea9621b170b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20880
x-amz-cf-id
oxB9WQKrwAxaCcThbD9re6hxImrJ0e6q6bqgI1uNhxrAk7Ug_JW69w==
tracker.min.js
tracker.pensebig.com.br/scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.pensebig.com.br/scripts/tracker.min.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
169.55.209.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.d1.37a9.ip4.static.sl-reverse.com
Software
Microsoft-IIS/10.0 /
Resource Hash
95167664226c09c2a69097d4af4fb5e3e5c0f753d5f1a698845d5a4377211d76

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 10:01:08 GMT
server
Microsoft-IIS/10.0
etag
"1d709cace4e5f0a"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400; persistir=1
product-content
scontent.webcollage.net/api/v2/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scontent.webcollage.net/api/v2/product-content
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
17681f393257cb4b5468c1145c000e763852d1a6e7d97d3cd0128f3f767b8f01

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
via
1.1 varnish
content-md5
VVJCvNZ/3AElwpyUlU7EXQ==
age
1543
x-ms-server-encrypted
true
x-cache
HIT
content-disposition
content-length
1632
x-ms-lease-state
available
x-served-by
cache-ams21037-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Thu, 16 Sep 2021 14:27:51 GMT
last-modified
Fri, 24 Sep 2021 16:49:34 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619435.868326,VS0,VE0
etag
"0x8D97F7B49D91A27"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2fa172f9-f01e-0064-5e24-95f98b000000
x-ms-version
2022-11-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range, x-parent-txid
x-cache-hits
96
aw.js
cdn.siteblindado.com/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siteblindado.com/aw.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
6ee55ce73cc6f064f248d71356dfc718115c906839e9018eb9af78240a5f76db

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2024 23:22:12 GMT
server
istio-envoy
etag
"65fb6fa4-10ac"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
1170
push.js
collect.vendavalida.com.br/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://collect.vendavalida.com.br/push.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c08bb0bea7efeeec695fec69c1239bf7388d308088e4a6e23838c4c9a91afd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=2592000; includeSubDomains; preload
age
10542
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715551244&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=yMl7tUm2GwgB6ZK6wlf60SvnPE%2F1%2B%2BH46kPxx%2FUZm%2Fg%3D
cf-bgj
minify
last-modified
Fri, 10 May 2024 20:55:26 GMT
server
cloudflare
etag
W/"1e5c-18f644a0e30"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715551244&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=yMl7tUm2GwgB6ZK6wlf60SvnPE%2F1%2B%2BH46kPxx%2FUZm%2Fg%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=28800
cf-ray
88342fbb4ecdb8f4-AMS
0
bat.bing.com/action/ 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5061910&Ver=2&mid=1a06ce60-cad7-456e-856f-d24b2e6a021a&sid=44fd31100e8711ef80d4692c01413ef6&vid=44fd8d400e8711efb4f11f080231ce16&vids=0&msclkid=N&pi=0&lg=pt-PT&sw=375&sh=667&sc=24&tl=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&p=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&r=&lt=3269&mtp=1&evt=pageLoad&sv=1&rn=75141
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2EEC098A8C304FF8BA97354E1972B274 Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5061910&Ver=2&mid=1a06ce60-cad7-456e-856f-d24b2e6a021a&sid=44fd31100e8711ef80d4692c01413ef6&vid=44fd8d400e8711efb4f11f080231ce16&vids=0&msclkid=N&pagetype=product&en=Y&p=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&sw=375&sh=667&sc=24&evt=custom&rn=455955
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7FA696AB0BA7454283A006A6EB0439EB Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.css
rate.trustvox.com.br/ 		9 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rate.trustvox.com.br/widget.css
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51db7b392bd063f3109cb75e343b29cdcb891bf2beeabe4437969a5bd60f69ec

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
cf-cache-status
HIT
age
169
x-guploader-uploadid
ABPtcPqg7Yg__Y9Y_x69sgCl9u9b-TOFVMGBwqtrD0G3Ew-jPtm3cFvPYSd-qg3veATZVGZ4ab-h4kkCzA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 04 Jul 2023 02:47:23 GMT
server
cloudflare
etag
W/"3d149247212fddd3c92e7e1aac940a6f"
vary
Accept-Encoding
x-goog-hash
crc32c=2Xv/sQ==, md5=PRSSRyEv3dPJLn4arJQKbw==
x-goog-generation
1688438843463434
content-type
text/css
cache-control
public, max-age=14400
x-goog-stored-content-length
8761
cf-ray
88342fb5fd536702-AMS
expires
Mon, 13 May 2024 20:57:13 GMT
products_rates
trustvox.com.br/widget/shelf/v2/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://trustvox.com.br/widget/shelf/v2/products_rates?codes[]=6153&codes[]=6154&codes[]=19586&codes[]=21336&codes[]=22064&codes[]=31292&codes[]=42509&codes[]=50111&codes[]=51037&codes[]=51502&codes[]=55064&codes[]=55778&codes[]=6152&store_id=393&callback=_tsRatesReady
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642f9a402653c32a5a25e89891fe52320483539e2e9e4f5b55a46cb9433afd39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
6f22811643d0ea94f2596128dfc9fbe4
x-runtime
0.028540
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"642f9a402653c32a5a25e89891fe5232"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
88342fb5ed326702-AMS
expires
Mon, 13 May 2024 20:57:14 GMT
identify_93546.js
analytics.tiktok.com/i18n/pixel/static/ 		139 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_93546.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
aaf31867
date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240508162128A7935037EF47876CAA1E
x-tt-trace-id
00-240508162128A7935037EF47876CAA1E-248153F902C85EBA-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01d63fdf8755a6439346cdde42912ed98be3a5cc992bb38cdc9a48682e50bb90057c9712f050b3997894cd82c4f839b3637f0e8ac03b9d53e89e49541d86e3daf20a79e9d3ac9c96352fc423f55dd5b18e13d8653d8c374963f99588c84c2d634c
server-timing
cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=12
content-length
37062
css2
fonts.googleapis.com/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600&display=swap
Requested by
Host: static.trustvox.com.br
URL: https://static.trustvox.com.br/sincero/css/sincero.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7d619849b735a8df7f1c9dbe91e22116dca64cce4c2b896292c6286d69072d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://static.trustvox.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:14 GMT
icon
fonts.googleapis.com/ 		572 B
422 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: static.trustvox.com.br
URL: https://static.trustvox.com.br/sincero/css/sincero.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
489b322b84b5ae4de535d09f95d03379ac63dfac47797a2b897e285d9331e0ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://static.trustvox.com.br/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000
date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:14 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B0521B3853
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8a1bd61243b393e02df0a00de1401f52201f8e39be590b7b46b40dea50076bd8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102863
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 16:57:14 GMT
main-v1.js
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.js?v=547064
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
79bb9daacad4452d5b73011c68f6de54b945524e6d510285ec4cd7f92febdd49

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Tue, 06 Jun 2023 16:24:39 GMT
Server
AmazonS3
x-amz-request-id
2AP578Z8MJ6WKDMN
ETag
"be570b28d341e20041a42ab1910e3935"
x-amz-server-side-encryption
AES256
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
2065
x-amz-id-2
T06RM3AP+WwQmLFhd9hEYVvZtBkMCg27lqH3OmHYwgBnGJhMslMke2oVzg3GAGcQQ0vtgxmbzIY=
onetag.js
www.hlserve.com/Delivery/ClientPaths/Library/ 		39 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hlserve.com/Delivery/ClientPaths/Library/onetag.js?cid=1204
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::20 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
52dc22b382a72ffbcdef12abf7989ee5b495615291f994455543e366485139fe

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 14:15:59 GMT
server
nginx
cross-origin-resource-policy
cross-origin
etag
W/"6374f09f-9cae"
content-type
application/javascript; charset=UTF-8
5061910.js
bat.bing.com/p/action/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5061910.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c313eec4e95dde04ddcc53a36b3a6a2cc8920d7342347fbe9528c21c899bb178

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 92046B4CAD2D4E129E32FDF58B5A317C Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:14Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
script-standout-epocacosmeticos.js
s3-sa-east-1.amazonaws.com/assets.standout.com.br/js/ 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/assets.standout.com.br/js/script-standout-epocacosmeticos.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c494bfba2677dc79490866f69a66adf9ba9435f79153dd12d3d4188d7e0d1664

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
x-amz-version-id
MG1VZ2CkgyQAp8m6USso9FYJST5KcK_r
Last-Modified
Fri, 23 Feb 2024 19:51:44 GMT
Server
AmazonS3
x-amz-request-id
2AP3C7TPRDVKZ4KJ
ETag
"fcf8b6f637a42d35df9d51c5ce6467a1"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Length
28970
x-amz-id-2
ehFofltOYUTvdR75f/JDLUN3uyvHqKA2F3WulH7QR50JtSDWknCAZ4qNKzBytM9Ki1aNPXYbDNc=
hotjar-700264.js
static.hotjar.com/c/ 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-700264.js?sv=6
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
bd884404c1bb5915f953c7f3e922982d6b26448a78a8b3445b15c2641aeb1115
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/725d601b52275eb0ad12cd3b1b718473
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
RjPxI9qkPJdmvoUGLZaqHqHuwXxpWQIbZpNuIcUjcfqWdO-bpnXBxw==
droz.css
chat-app.meudroz.com//v1/ 		10 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com//v1/droz.css?v=1
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47bb1e860b10c1705406bb14f24fe00ea5422b7cf9c83cb99f373095cd7fc8c1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6332
cf-polished
origSize=10056
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"10056-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2nu5kXd5LZuXqJasQxbBK4MOlP7l5I4ZU5UHYm8YJWqjyvRYDzFvcXkV6QQXQffJqqbM14OBwG8UcS9bReBMn39liVpJK0oM%2BG5pQAmKQtyz8ey7SBsWG2UysEIYq5N2tgeKB3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb5edce6643-AMS
priority
u=0,i=?0
css
fonts.googleapis.com/ 		6 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
437989feebcf325430945e4224d167e7660faa3f4f09c7330807f1d49031c405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:13 GMT
main-v1.css
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		31 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.css?v=547064
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e7b26a6b26ac59880286ea3a557b4f1a64f81091dca9573f3748c1d70d7c1c9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Wed, 14 Apr 2021 19:06:50 GMT
Server
AmazonS3
x-amz-request-id
2APD9F3ERRDXTNSQ
ETag
"08c3ac04f0cac20811f3ccf85c43035a"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
32063
x-amz-id-2
ng7Zr/ZV887qZ8cStJsR5P2q9Jt2juTQm5yqLtrIzMK3pmxOlbjVZ+XOQCq5Q74vJdJUNubOyxc=
modules.1a30a0a67c3c23c13060.js
script.hotjar.com/ 		221 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.1a30a0a67c3c23c13060.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-21.fra56.r.cloudfront.net
Software
/
Resource Hash
6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 11:24:06 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
538389
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55860
last-modified
Tue, 07 May 2024 11:23:47 GMT
etag
"2fd6012f850b43dfffc8cb9291fc5153"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Llldv4u2jdPeGqugHTr2dlGvOwWymd3e5HMfngH1e2B8uXscUa9fsQ==
activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%203463544360623.847%20'
5454431.fls.doubleclick.net/ Frame D4B8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%203463544360623.847%20'?
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
194
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Mon, 13 May 2024 16:57:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%208068891657779.891%20'
5454431.fls.doubleclick.net/ Frame 2CCD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%208068891657779.891%20'?
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
194
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Mon, 13 May 2024 16:57:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%206067706164168.442%20'
5454431.fls.doubleclick.net/ Frame 3CBD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%206067706164168.442%20'?
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Mon, 13 May 2024 16:57:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truck_icon.png
epocacosmeticos.vteximg.com.br/arquivos/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/truck_icon.png
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6c00:b:757a:54c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
74b8bfea46d182a7b8825ee96236a209ffc2b87ba2308321a93a4fb2694d7269

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:16 GMT
x-vtex-cache-server
apicache7
via
1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
118
x-vtex-processed-at
Mon, 09 May 2022 21:02:35 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
1210
x-vtex-cache-time
0.007
last-modified
Fri, 21 Feb 2020 12:32:57 GMT
vary
Accept-Encoding
x-vtex-cache-backend-header-time
0.008
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
REVALIDATED
x-amz-cf-id
sQt2jXQnUmPIQfhzoqaERKdnSTTxo_65UUH3joCubehyLQ0cdfsz7w==
x-vtex-cache-backend-connect-time
0.000
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfd0b97efa726442bc23bf496482901d0c0d3a52b82dcce326990db0c4559a7c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		796 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39080bbf7ee5d15488433098dfc06b97ddf6d533cc0be184492032a5f573ae66

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		784 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65a6fc8d6e9a44a7369b8b98527462b853ec3678691b601dfa35f436720a773a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 08:16:56 GMT
x-content-type-options
nosniff
age
549618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:16:56 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 07:45:36 GMT
x-content-type-options
nosniff
age
551498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:45:36 GMT
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-4.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467697-500-500/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467697-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-4.jpg?v=637740434060300000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
50eabe06389ff423e278bfa271f67314243a3d48d692a7d6f0ca227bb9e104c5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache4
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 21:05:24 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4918
x-vtex-cache-time
0.000
last-modified
Thu, 02 Dec 2021 12:03:34 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
Ej6vn57NvVi7xgcQ8vw4C7_44dS83hhe4bVEAQ0368ZVI67phN8IIw==
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467694-500-500/ 		20 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467694-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom.jpg?v=637740433670030000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
1806237c0a8921c2a82387b39f689875d57ebf4ffc7830591d6871dfbfc9e6bf

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 06 Jun 2022 21:39:35 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
20944
x-vtex-cache-time
0.003
last-modified
Thu, 02 Dec 2021 12:02:55 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
bMey1dvNQNbwBS9ri2O2HDI-UQAPataXBE0P0954TCaRsmBYy870lw==
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d7fa38f8bd553288a80e000fcaf9635975a1f74e08020d2556f7921b833177c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		400 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8af4f33059d204a6a9d35b76e5f59e3382d132f8e129098ffdcabc628dcde95a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		846 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f5a2faa501c6bd19af3fd00be93bfffe128a88cdc89bce1185107cac7ef384c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
imgpsh_fullsize.png
epocacosmeticos.vteximg.com.br/arquivos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/imgpsh_fullsize.png
Requested by
Host: epocacosmeticos.vteximg.com.br
URL: https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
eece87273bbb4ecad0712636c15d935a65770d29f7a17f532de18d1cb81ad30a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:37:17 GMT
x-vtex-cache-server
apicache6
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
3319
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 30 May 2022 14:26:24 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
1868
x-vtex-cache-time
0.001
last-modified
Wed, 29 Nov 2017 16:12:10 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
rUYAv7hWFjAbTS9w0JeStSXWewbXUV4_jjG0ZNMhmPTimbBbGdbzJA==
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-2.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467695-500-500/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467695-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-2.jpg?v=637740433797800000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
13cf82a2d5030c083ce6ffdfb29eddb35a31d982e8a54a95a2d9e2440d812041

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache17
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 15 Sep 2022 16:02:52 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
7872
x-vtex-cache-time
0.004
last-modified
Thu, 02 Dec 2021 12:03:07 GMT
x-vtex-cache-backend-header-time
0.004
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
REVALIDATED
x-amz-cf-id
aVUZSixNd5xN_4xHoPZJ-5wjh6JZi7BH-5KyZosG56DpV71Leh7bQQ==
x-vtex-cache-backend-connect-time
0.000
maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-3.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/467696-500-500/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/467696-500-500/maybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom-3.jpg?v=637740433913570000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
5e9a6f78de7e218c337dea8b60dd5386645c656a02e9fd18616d1fd68e708568

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 20:31:27 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
246347
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 06 Jun 2022 21:39:35 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
7934
x-vtex-cache-time
0.000
last-modified
Thu, 02 Dec 2021 12:03:19 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
ikOJ9_Rmkxh0qIKScNGegMJj58JIIhubWIAVJb3Iys5rr2JsuLtXKw==
49436
promo-quemdisseberenice.com/api/catalog_system/pub/products/variations/ 		289 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/catalog_system/pub/products/variations/49436
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
*/*
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8x5dTHJ1tGXKB3LgUFblXSlPmsgpNYYjhcSX3yfN%2BK2hl0f5%2BNM0L%2Fu7QfhsSnBqE2Uy%2BUnkDEU2TWRyPzhDwARXw8%2Bz%2FX8wiiK561q81k7VsDzZEoc8J67WqdhdCYbcW2lpYlI55%2BaRe%2BFOqJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fbbd81e9fc4-AMS
alt-svc
h3=":443"; ma=86400
554260_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/554260_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
d4e929c91c53f1ae75502a8e9eaf1307d2d9e9792e84a4c73f140882138129ef

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:19 GMT
x-vtex-cache-server
apicache14
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
115
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 25 Jan 2024 15:12:30 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
5716
x-vtex-cache-time
0.000
last-modified
Thu, 01 Jun 2023 12:55:25 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
56NQb97pqMz2L-gFFYE1vPtFkZc12cOZO6NePcqVg0wgeUz7Gf8OCw==
564646_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564646_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
be06f65b0d196fcb058b74eb3f402324c5a093d756f19aa2faceffb2c7bf708d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Sat, 11 Nov 2023 19:47:12 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4858
x-vtex-cache-time
0.000
last-modified
Wed, 16 Aug 2023 12:38:53 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
dB2qmbiTRFLsiGWtWYKtiprkqHEh_V0WZTMhYGL2zIvF3fRZJ8_g9Q==
564455_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564455_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
1bdacc95db59bc5c6286f3bf6a088065977f56cd9b103a318476d955e33db484

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:19 GMT
x-vtex-cache-server
apicache3
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
115
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Sat, 11 Nov 2023 00:00:16 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
4742
x-vtex-cache-time
0.000
last-modified
Mon, 14 Aug 2023 16:52:49 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
rgrO9l-UE_5t73eSAa6MKey62wVHOVXVr9VtHyTIsRopHHVBxQZX0Q==
589041_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/589041_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
69952c1defd9897b5611e32c51331e4ab985e3d8b3fad54f0c0a149647c92ad9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache7
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 15 Feb 2024 01:33:24 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
5896
x-vtex-cache-time
0.000
last-modified
Fri, 12 Jan 2024 18:23:35 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
S88ggUYuH6N_UNG2F3-2zJFAmfj3arbelE24QI1qtvNVactdFU1aHA==
564657_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564657_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
81cc7b233791c4d3075b5d154876b70b11c27296f5da08bb6d5b2919ec74643f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:19 GMT
x-vtex-cache-server
apicache18
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
115
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Fri, 10 Nov 2023 23:25:10 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
5410
x-vtex-cache-time
0.000
last-modified
Wed, 16 Aug 2023 12:47:16 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
fMJKIZvz-WfJ8UYPZNibRO0gSn9L0mwIm8BE-xhTrAdpyu1TbBBjCQ==
564637_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/564637_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
2b60968bc284a4ceda9275d30adacce5291aec401811f086bdd5e19388078c00

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache9
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 18:19:47 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3310
x-vtex-cache-time
0.000
last-modified
Wed, 16 Aug 2023 11:58:03 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
E9Jn7cf1Drl5MS5mtmV4j3ZXb-427jC4i_QrxBClpkiVc_B_Ae0F9w==
554234_2
epocacosmeticos.vteximg.com.br/arquivos/ids/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/554234_2
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
0a32efb04949de6ac3bbc515350c363587f3632f56d7f65ddf4a95899f490b13

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:20 GMT
x-vtex-cache-server
apicache7
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
114
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Tue, 26 Mar 2024 11:53:26 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
6042
x-vtex-cache-time
0.000
last-modified
Thu, 01 Jun 2023 12:33:10 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
N6QkNdMiIEI5BjLZPRDDSS0gDabokVpgJixK_qsbUbgLDjIMvfGOCg==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e8c612f61f1ea2aff1c19c5f057df44bd840a57e290e331c164fc4c2b242c61

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
base-liquida-niina-secrets-by-eudora-hidra-glow-45.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/406538-300-300/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/406538-300-300/base-liquida-niina-secrets-by-eudora-hidra-glow-45.jpg?v=637383638653470000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
b0ca5f6fc10633e6e48e8c671f96158bf88f0b55cf1af8403d0d2a57bc2609db

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 11:36:43 GMT
x-vtex-cache-server
apicache17
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
19231
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 01 May 2024 11:12:38 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3254
x-vtex-cache-time
0.000
last-modified
Thu, 15 Oct 2020 13:04:33 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
JOQQxomEXBF-bC2cN4coiZuKMkoXurkedgy2aDZC1_9_YWmSRGIQ8A==
3106.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/265372-300-300/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/265372-300-300/3106.jpg?v=638240099902300000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
89408df3bdee538e056f7f14b02a70197d73b0e7ee3d44bca8a5fe0855b1f86e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 04:15:12 GMT
x-vtex-cache-server
apicache3
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
304921
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 03 Jul 2023 19:50:23 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3656
x-vtex-cache-time
0.001
last-modified
Mon, 03 Jul 2023 19:39:58 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
jfyEb95qc-51PKBZLD8eHk5EMvD-Hc2k1fTakbHCOrsmEFypISaKRA==
Mascara-de-Cilios-Colossal-Super-Filme-Maybelline.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/441786-300-300/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/441786-300-300/Mascara-de-Cilios-Colossal-Super-Filme-Maybelline.jpg?v=637613054031130000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
9909cacc4ffffc1bbbf3231bdac4b533f481fd5d13919ed11cf34910e2147f99

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 00:56:39 GMT
x-vtex-cache-server
apicache8
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
144035
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 08 Jul 2021 10:23:57 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3642
x-vtex-cache-time
0.001
last-modified
Thu, 08 Jul 2021 01:43:31 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
S-ABJU223crP9qgp_8x3w36j4Mjk5pKC5IydPmWTa-2xEQwS_CSvWQ==
7899026456051_2.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/595090-300-300/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/595090-300-300/7899026456051_2.jpg?v=638447475276070000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
e98e8c5a981aa8a0e8b847397442dfb434f978bbc895bea2dc9759a03cc8c1a0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 16:55:55 GMT
x-vtex-cache-server
apicache4
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
11828
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 18:45:23 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
3000
x-vtex-cache-time
0.087
last-modified
Wed, 28 Feb 2024 20:05:35 GMT
vary
Accept-Encoding
x-vtex-cache-backend-header-time
0.084
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
MISS
x-amz-cf-id
A2aZw1EfMEmZP1bL_8_WOmKjFbFdXzVAJ6g-ifgPDYKUme2xMT-Jvw==
x-vtex-cache-backend-connect-time
0.000
corretivo-multifuncional-givenchy-prisme-libre-skin-caring-concealer--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/527511-1000-1000/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/527511-1000-1000/corretivo-multifuncional-givenchy-prisme-libre-skin-caring-concealer--1-.jpg?v=638073170631770000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
fe8c733145ffed84e3e2b484dbfb8c3c1912ed5892ff343f1f9e0e5f7648ba08

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 03:03:50 GMT
x-vtex-cache-server
apicache18
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
50004
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Fri, 08 Mar 2024 14:44:33 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
17114
x-vtex-cache-time
0.000
last-modified
Thu, 22 Dec 2022 14:44:31 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
3eeFYn9FLRTe9aeK3bNXU8uZPHsRVRyXN_LERZSD2Y419HI8l2eVuw==
po-solto-facial-givenchy-prisme-libre-loose-powder-n01.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/446211-1000-1000/ 		52 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/446211-1000-1000/po-solto-facial-givenchy-prisme-libre-loose-powder-n01.jpg?v=637637039266130000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
b62dbc10fce192f0806a0a31f10fba8a2c875030a080dbdec9638406ce809b89

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 03:29:30 GMT
x-vtex-cache-server
apicache12
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
134864
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 28 Mar 2024 14:59:50 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
52804
x-vtex-cache-time
0.000
last-modified
Wed, 04 Aug 2021 19:58:54 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
XlhqUDbuw9suiAzHqHKX9WBiozijqOn9SxtrRJjnZllsvk_UJQAKUg==
3274872458376.2.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/579067-1000-1000/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/579067-1000-1000/3274872458376.2.jpg?v=638351612017170000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
ae1d59ddb29bed9e4400c841953b979211023752019f9de666f056f49dd3c71f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 03:34:01 GMT
x-vtex-cache-server
apicache4
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
307393
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 09 May 2024 02:21:57 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
13746
x-vtex-cache-time
0.000
last-modified
Thu, 09 Nov 2023 21:13:29 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
gdrbny9nCv7-lIaDQqbTSKoZ7bGUDEViIs2rSJEmyv8wihrfedbOlQ==
po-compacto-givenchy-prisme-libre-n03.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/504540-1000-1000/ 		68 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/504540-1000-1000/po-compacto-givenchy-prisme-libre-n03.jpg?v=637968636058630000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
bc351362281d37d8ed19acd66323afb821bf3a72c5db711d8709e32473618595

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 03:29:29 GMT
x-vtex-cache-server
apicache6
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
134864
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 07 Feb 2024 03:02:10 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
69364
x-vtex-cache-time
0.000
last-modified
Tue, 23 Aug 2022 15:00:13 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
Xt3u_Y-jNpYyH0YusXYR6vSkDuj2HNHJTFv7oyLEs-QG2EE-_jRXvg==
base-liquida-givenchy-prisme-libre-skin-caring-glow-n280.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/446168-1000-1000/ 		13 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/446168-1000-1000/base-liquida-givenchy-prisme-libre-skin-caring-glow-n280.jpg?v=637636997886470000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
3320c00131ba3f97b68fb9372b7124fd8ee19260566d7c43c4930a13af1e1d3e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Sun, 12 May 2024 03:29:30 GMT
x-vtex-cache-server
apicache12
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
134864
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Wed, 08 May 2024 03:02:37 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
12892
x-vtex-cache-time
0.000
last-modified
Wed, 04 Aug 2021 18:49:56 GMT
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
1cjnNZYFsxuAn3O-22R22NP323n_ZCehEmkgmJtS2bif0k6cRaEHcA==
batom-givenchy-le-rouge-interdit-intense-silk--1-.jpg
epocacosmeticos.vteximg.com.br/arquivos/ids/527663-1000-1000/ 		45 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/ids/527663-1000-1000/batom-givenchy-le-rouge-interdit-intense-silk--1-.jpg?v=638073929316000000
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
d31b9a0d12f3d7745943404e597674300af2c98bf6d4dda0f34fc25f67b2bba2

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Fri, 10 May 2024 03:53:09 GMT
x-vtex-cache-server
apicache14
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
306245
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Sun, 17 Mar 2024 03:02:31 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
45610
x-vtex-cache-time
0.000
last-modified
Fri, 23 Dec 2022 11:48:59 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
6Y5BIBzyw2FdI9WBKxuoywJJ8BPWqLMCYr5LzJDRsM09lIZZERgyIQ==
_bifr.htm
i.btg360.com.br/ Frame 3976 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i.btg360.com.br/_bifr.htm?rand=1715619434910&rand2=0.4391764881646678
Requested by
Host: epocacosmeticos.vteximg.com.br
URL: https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.js?v=202405061900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

cf-cache-status
DYNAMIC
cf-ray
88342fbcec0e66bd-AMS
content-encoding
br
content-type
text/html
date
Mon, 13 May 2024 16:57:15 GMT
last-modified
Thu, 11 Apr 2024 19:40:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sogyn4n0CmwVf8YZ99CW%2Fgw5Om36w5x8DNwaqSwpkOn9pxsIBiM0q%2FiJkR2tF3A5mPsZMT%2BlzfCARM%2F7Ry8on6zPdn0ZcrRCr3oX5O5MMLvZXDMnOjOnEnHhPyYlmQvXkQ6r%2B4Ce%2BYYwJZUZqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-amz-id-2
HBF3zEabQ8iIBwGx2Cfs6RKMZMpTeB+OV9eyax0DoTBEJGE9O2TX/zwCSPseh5vqpbKeSw3SCy8=
x-amz-request-id
N8PVRAXT2VBY0EN7
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ov8yNo97k7SatqgjU7MAFgML3YxbSHfHHC2gb1x7z0TueKVDWNVa6NhYtTq%2FODxKaLmjqbgZsPM1Qmow2dtcA%2Fw7o%2BjgftruU45UYQM1dBJmSc7f6R0z6pdwih3MDUdgLzMl2oZY%2BpGi5fMV1Xc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fbc79319fc4-AMS
alt-svc
h3=":443"; ma=86400
user
promo-quemdisseberenice.com/api/vtexid/pub/authenticated/ 		289 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/vtexid/pub/authenticated/user
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
*/*
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A21QP%2F1UQTUzCnX7P4R3xlB3sLMoq0c8kvsCeAV13ZMjV16tjH5AD4thiRd5pAQE6nHjfjuSpKsN%2Bww4YiS5tdQ63G30eszV50lHZn7p0rTN4IqyWLppo1QRG1%2B6U39WQFOfe3Vx7oJyvHrmK7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fbc89389fc4-AMS
alt-svc
h3=":443"; ma=86400
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df52d3d933fc937537ef869db4b354268940f17751780318f4e4cc74980453cd

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21abdf9ad9ac8007b6350decadae6f4b1f59f471eb753f1ee347d458b04f17d7

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40630e788377cb29255356e9aa0db2d1b8f1e8f8b82b57255645c0b05644728e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
icons-s5b18c583da.png
epocacosmeticos.vteximg.com.br/arquivos/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/icons-s5b18c583da.png
Requested by
Host: epocacosmeticos.vteximg.com.br
URL: https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
fd686be4e4ce2e6705fcbffd70b6302832aa32dd176f919a1072e9de5cdcc555

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:55:15 GMT
x-vtex-cache-server
apicache2
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
119
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Mon, 08 Apr 2024 15:12:47 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
19923
x-vtex-cache-time
0.000
last-modified
Mon, 30 Mar 2020 18:15:17 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
FMzS-542r7u4KqCp_CILiCH9wsqlSQJDrLmiZzwbbLM_-XIcUxk02w==
truncated
/ 		661 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7217d053441b7176990371e4fcc5d2496bd5f7cfa75a9fd4e811dbe35616c282

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmEU9fBBc4.css
epocacosmeticos.vteximg.com.br/arquivos/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/KFOlCnqEu92Fr1MmEU9fBBc4.css
Requested by
Host: epocacosmeticos.vteximg.com.br
URL: https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
4032c98561e17a8b4d52117cce03bc961d4f05d5ceb86163dfbe962e1c92aa32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 15:57:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-vtex-cache-server
apicache17
age
3559
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Tue, 13 Sep 2022 16:40:17 GMT
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
x-vtex-cache-time
0.000
last-modified
Wed, 09 Jun 2021 13:39:22 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
JwyCCF-BlXLGeToCxvUYmDmop-VosW92a2W1EfYz4A0yjOCDRuYlOA==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v40/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 08:10:57 GMT
x-content-type-options
nosniff
age
549978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43068
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:05:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:10:57 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v142/ 		126 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 03:41:07 GMT
x-content-type-options
nosniff
age
566168
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128616
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 03:41:07 GMT
rul
td.doubleclick.net/td/ga/ Frame E4D4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-G20C9N71BZ&gacid=956626974.1715315959&gtm=45je4580v877287869z8850186639za200&dma=0&gcd=13l3l3l3l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&z=88995449
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%201676830933777.671%20'
5454431.fls.doubleclick.net/ Frame EA74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%201676830933777.671%20'?
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
194
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Mon, 13 May 2024 16:57:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%20810831801212.1462%20'
5454431.fls.doubleclick.net/ Frame F25B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%20810831801212.1462%20'?
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Mon, 13 May 2024 16:57:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		221 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-601624232
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2ad1d5cc9d20f044f560c9ba2964e9fda2366cfe4fa8cc76b622ef44054e593
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81827
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 16:57:14 GMT
collect
region1.analytics.google.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G20C9N71BZ&gtm=45je4580v877287869z8850186639za200&_p=1715619433916&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=1&uid=&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&en=page_view&_fv=2&_ss=2&up.client_id=1635439330.1715619435&up.ref=&up.versao_site=&up.page_type=&up.usario_logado=&tfd=1774
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G20C9N71BZ&cid=1635439330.1715619435&gtm=45je4580v877287869z8850186639za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:888::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
br
x-cdn
akamai
etag
"c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1881
activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%204342241185821.2827%20'
5454431.fls.doubleclick.net/ Frame 7EFE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5454431.fls.doubleclick.net/activityi;src=5454431;type=invmedia;cat=o2rgnkah;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord='%204342241185821.2827%20'?
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Mon, 13 May 2024 16:57:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.google-analytics.com/gtm/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-WTFPLQG&cid=1635439330.1715619435
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Google Tag Manager /
Resource Hash
b6c1833026dfdb9f7cf539dc00d8a78317c84b793e7686b69a1d9425e6e3e656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64374
x-xss-protection
0
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 May 2024 16:57:15 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G20C9N71BZ&cid=1635439330.1715619435&gtm=45je4580v877287869z8850186639za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1447500721
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
consent.linksynergy.com/consent/v3/ 		37 B
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=promo-quemdisseberenice.com&sought=false&tp=gdpr&attr_sid=126194&aff_mid=52840&purposes=&vendors=&ext_id=6aac64f2-b329-4525-9c08-41e29ab70075
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.67.98.34.bc.googleusercontent.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-type
image/gif
date
Mon, 13 May 2024 16:57:15 GMT
via
1.1 google
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-samesite
secure
sincero.css
static.trustvox.com.br/sincero/css/ 		62 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.trustvox.com.br/sincero/css/sincero.css
Requested by
Host: static.trustvox.com.br
URL: https://static.trustvox.com.br/sincero/sincero.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c20b6db9a18d0e9a11f16fa05f90666dc839c12771dabea5c8ff7e9b3ffa6d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3968
x-guploader-uploadid
ABPtcPr6mvwaXvdkon6fZkkIez1mbJD6csy4IR0vt9sRAW6ugntrmAEHvZB3Ow2U-3rLQx7BkBw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
8653
last-modified
Mon, 22 Apr 2024 17:30:29 GMT
server
cloudflare
etag
"dafc8a7e4df36f90774110eced9a5779"
vary
Accept-Encoding
x-goog-generation
1713807029663149
content-type
text/css; charset=utf-8
x-goog-hash
crc32c=2+H6oQ==, md5=2vyKfk3zb5B3QRDs7ZpXeQ==
cache-control
public, max-age=14400
x-goog-stored-content-length
8653
accept-ranges
bytes
cf-ray
88342fb72ed76702-AMS
expires
Mon, 13 May 2024 20:57:14 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B0521B3853&gtm=45je4580v9115668478za200&_p=1715619433916&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1957
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B0521B3853&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spinner.gif
static.trustvox.com.br/sincero/img/ 		14 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.trustvox.com.br/sincero/img/spinner.gif
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c9997ee06bb8311dd5477e3254dd168382c52a49b967661f4bbf9ad433514fd

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4541
x-guploader-uploadid
ABPtcPq26aL3Z1ZuwHv0liHWvriG3LnmxlqQtVrnBgyy0J7X6MHtw8IPxcmMhn6BMFIE6QScfgI
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
8378
last-modified
Thu, 01 Feb 2024 20:23:34 GMT
server
cloudflare
etag
"5ca95104d55fddf31cbbd7254e23117a"
vary
Accept-Encoding
x-goog-generation
1706819013992656
content-type
image/gif; charset=utf-8
x-goog-hash
crc32c=UrZAgQ==, md5=XKlRBNVf3fMcu9clTiMReg==
cache-control
public, max-age=14400
x-goog-stored-content-length
8378
accept-ranges
bytes
cf-ray
88342fbeb95c6702-AMS
expires
Mon, 13 May 2024 20:57:15 GMT
root
trustvox.com.br/widget/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trustvox.com.br/widget/root?&code=6152&store_id=393&url=https:%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&name=M%C3%A1scara+de+C%C3%ADlios+Maybelline+The+Colossal+Volum%27+Express+Lav%C3%A1vel+Preto&photos_urls[]=https:%2F%2Fepocacosmeticos.vteximg.com.br%2Farquivos%2Fids%2F595082-320-320%2F7899026456020_2.jpg%3Fv%3D638447471803570000
Requested by
Host: static.trustvox.com.br
URL: https://static.trustvox.com.br/sincero/sincero.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a72fd752c867cf1c4a100b830d7419426f637f9474edd650bf09b99ff8031e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/vnd.trustvox-v2+json
Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
c0b2fffea8a62cce8e7524ae01003d92
x-runtime
0.055396
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3a72fd752c867cf1c4a100b830d74194"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
88342fbefb7c0e90-AMS
vary
Origin, Accept-Encoding
expires
Mon, 13 May 2024 20:57:15 GMT
5061910
www.clarity.ms/tag/uet/ 		844 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5061910
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5061910.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
96bc15f860c2155f5a9ecb304eb30c615a25269430cf6ca9b51f5e6b5df43846

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires
-1
date
Mon, 13 May 2024 16:57:15 GMT
x-azure-ref
20240513T165715Z-1577bc5fdd5dxrn64qwqfptkdc000000040000000000hhdc
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
844
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=pageview&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHBAAEADQAAAACAAI~&jid=2022793225&gjid=1767851514&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&_slc=1&z=1705275000
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
rm.js
d.criteo.com/Delivery/ClientPaths/Library/ 		786 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.criteo.com/Delivery/ClientPaths/Library/rm.js?a=9137&855164541
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=9137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
7b26f488918984eb6994ec65b7b50646a9d531ef371ea1cf19e099eb539cb048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 09 May 2024 19:06:04 GMT
server
nginx
etag
W/"663d1e9c-c4701"
content-type
application/javascript; charset=UTF-8
pixel.gif
static.criteo.net/images/ 		43 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=9137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 08 May 2025 16:57:15 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=9137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 08 May 2025 16:57:15 GMT
bat.js
bat.bing.com/ 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2EA9FB591FA046FDB636026A1ABC80AC Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:14Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
main.2bdc3040.js
s.pinimg.com/ct/lib/ 		69 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:888::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-encoding
br
x-cdn
akamai
etag
"12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
19942
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715372382381&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqEMdh4wKTKCeBVEkWR7AWxgwC_eLf0A&random=3872845563&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715372382381&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqEMdh4wKTKCeBVEkWR7AWxgwC_eLf0A&random=3872845563&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715372383782&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqGQiYUoFWbggJm37Cv-sB4hxNc--sxg&random=3765862743&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715372383782&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqGQiYUoFWbggJm37Cv-sB4hxNc--sxg&random=3765862743&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		325 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614047153729&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1715619435397&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
8180062338158439
content-length
188
pin-unauth
dWlkPU5qa3hPR0U1WkRndE5UUmtOeTAwTWpVMkxXSTJaREV0TW1SaFlUSmtOVFF5TVRJNA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
9ab3886c06a794ff1d841687ae65f5a1cfdbcfc8
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715372383947&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqcpSIeBMsVgShEkjtHRIgXDot9Im4ew&random=4186913539&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715372383947&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqcpSIeBMsVgShEkjtHRIgXDot9Im4ew&random=4186913539&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715372383897&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqqkg7HPqIwW2RskH2QIlR0r8U9sJQ9Q&random=1320427518&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715372383897&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqqkg7HPqIwW2RskH2QIlR0r8U9sJQ9Q&random=1320427518&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715372395950&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqdfGltTacoh9k8otn0rHUuDpzgte_dw&random=3411076483&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715372395950&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqdfGltTacoh9k8otn0rHUuDpzgte_dw&random=3411076483&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715410880110&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqoBEPRl5uwsFY3jgWYqxliuOPKmxmfQ&random=2894853050&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715410880110&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqoBEPRl5uwsFY3jgWYqxliuOPKmxmfQ&random=2894853050&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715410881556&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqtJVQCMSeDpBIweZMtvsNobuWd6BJlw&random=832473053&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715410881556&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqtJVQCMSeDpBIweZMtvsNobuWd6BJlw&random=832473053&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715372395912&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqWkglgQyI__31ti4Z85x-OkPfaFLIJw&random=1652241592&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715372395912&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqWkglgQyI__31ti4Z85x-OkPfaFLIJw&random=1652241592&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715410880616&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqgkQT1YCrT3QIGJ6m85zwGlU-QVY2pQ&random=3504325169&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715410880616&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqgkQT1YCrT3QIGJ6m85zwGlU-QVY2pQ&random=3504325169&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715410881527&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqHsOkYWQtxu86g22WQkwxicYZm4kdeA&random=2231448493&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715410881527&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqHsOkYWQtxu86g22WQkwxicYZm4kdeA&random=2231448493&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715372392807&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqbFlGFIr5_4YlbHoDUgVlrnFsU1RD5A&random=2042026659&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715372392807&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqbFlGFIr5_4YlbHoDUgVlrnFsU1RD5A&random=2042026659&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715410880565&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq2eL8FcPd_MQiUszMNFqgW-8AMDfWxg&random=567544164&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715410880565&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq2eL8FcPd_MQiUszMNFqgW-8AMDfWxg&random=567544164&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/601624232/?random=1715410880254&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq1gpqfQHTSSffGWSUijynGxYra9QjPA&random=416675289&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/601624232/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/601624232/?random=1715410880254&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq1gpqfQHTSSffGWSUijynGxYra9QjPA&random=416675289&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715372392844&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqXHwlmr-KIGQpsa418yVKZPpBzvWXZw&random=2316653300&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715372392844&cv=11&fst=1715371200000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqXHwlmr-KIGQpsa418yVKZPpBzvWXZw&random=2316653300&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715410881602&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqsAfRvEYSj5Rd_jM7gnB3Nz1ZeJROkA&random=3847272608&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715410881602&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqsAfRvEYSj5Rd_jM7gnB3Nz1ZeJROkA&random=3847272608&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/976458679/?random=1715410880506&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq-eLH-M5B82xuFjMPm-fSVX4XNuEM5A&random=86079042&rmt_tld=0&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/976458679/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/976458679/?random=1715410880506&cv=11&fst=1715410800000&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtq-eLH-M5B82xuFjMPm-fSVX4XNuEM5A&random=86079042&rmt_tld=1&ipr=y
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 0ECA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=promo-quemdisseberenice.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=9137
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
server
Kestrel
server-processing-duration-in-ticks
300835
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
601624232
td.doubleclick.net/td/rul/ Frame 8E23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715410880110&cv=11&fst=1715410880110&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
601624232
td.doubleclick.net/td/rul/ Frame 46D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715372382381&cv=11&fst=1715372382381&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
601624232
td.doubleclick.net/td/rul/ Frame B20C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715410880254&cv=11&fst=1715410880254&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
ct.pinterest.com/v3/ 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/v3/?tid=2614047153729&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1715619435485
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://promo-quemdisseberenice.com
pinterest-version
9ab3886c06a794ff1d841687ae65f5a1cfdbcfc8
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
content-length
35
x-pinterest-rid
1044636374068518
expires
Sat, 01 Jan 2000 00:00:00 GMT
epc-swb-app-60x60.png
epocacosmeticos.vteximg.com.br/arquivos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/epc-swb-app-60x60.png
Requested by
Host: epocacosmeticos.vteximg.com.br
URL: https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
5e416132995e7744327f429f8852385ca1c7404cba78dd1ece7c8dd3901ca453

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://epocacosmeticos.vteximg.com.br/arquivos/product-v2-mobile.min.css?v=202404222345
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
5400
date
Mon, 13 May 2024 16:37:14 GMT
x-vtex-cache-server
apicache13
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
3326
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 18 Nov 2021 15:59:32 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
1400
x-vtex-cache-time
0.000
last-modified
Mon, 03 Aug 2020 15:12:27 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
AyX3_PrOr1OhhXu67Hbe7QZsGQeM9I0-tAXbaLC53GjcWagIaIFhCw==
droz.js
chat-app.meudroz.com/v1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=140512
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"9936-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZDQRWOaFGqMSmOEXX2s0NtDfbGbxi4csVYWmh82oIY6Lmrr3odng3KBXgdsb8clQrIaMNLl82BuvFBiRDYO6HTwt1WzwmYnHr039064OmGPohZwO4eg9KAapoF60KuIirfvJ86BxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fbff9a86643-AMS
priority
u=3,i=?0
976458679
td.doubleclick.net/td/rul/ Frame 4369 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715372383782&cv=11&fst=1715372383782&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
601624232
td.doubleclick.net/td/rul/ Frame 0763 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715372383897&cv=11&fst=1715372383897&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
976458679
td.doubleclick.net/td/rul/ Frame 7834 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715372383947&cv=11&fst=1715372383947&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
976458679
td.doubleclick.net/td/rul/ Frame 68A5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715410880506&cv=11&fst=1715410880506&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
601624232
td.doubleclick.net/td/rul/ Frame BAF2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715410880565&cv=11&fst=1715410880565&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
976458679
td.doubleclick.net/td/rul/ Frame D09D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715410880616&cv=11&fst=1715410880616&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ig-membership
us.creativecdn.com/ Frame C3E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/ig-membership?ntk=TIT-D_riVatJ57hIBScFMp7hEsKrPb-_yw3MZjG9f9MCbmtmH9e7Jsp8v3EGZFv6w_ETzqTQobrNNItni3iq_4aYh9jMfi2MjLcEB2yFnWk
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
570
content-type
text/html;charset=utf-8
date
Mon, 13 May 2024 16:57:15 GMT Mon, 13 May 2024 16:57:15 GMT
expires
Tue, 14 May 2024 16:57:15 GMT
vary
Accept-Encoding
976458679
google.com/ccm/form-data/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/976458679?gtm=45be4580v872370555za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&frm=0&pscdl=noapi&auid=349169782.1715619435&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1~em.tada2d3fvRV5mFSgy_yKNWKRlCiCwtJLyKktlM6FQcw&ecsid=1944058580.1715619436
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976458679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
topics-membership
us.creativecdn.com/ Frame C5C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/topics-membership?ntk=ERVpUFX2Mgf1uFCxWMkzdAcx5AwbsUu7shZdcHKetJD6hTeRZ6IB0NCyJkkYLoq642BLQN9k9xEDT670QVa-IO11CkboPqGq9hRUrQke1s0
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
487
content-type
text/html;charset=utf-8
date
Mon, 13 May 2024 16:57:15 GMT Mon, 13 May 2024 16:57:15 GMT
expires
Tue, 14 May 2024 16:57:15 GMT
vary
Accept-Encoding
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlT3ukSnSch9Da8Wnp6I0jZu3JOJH%2BCegjlKaWe1Shz9wO0AyrSAQvMLy7qMGtKWt5GwNFIJ5RH4%2BfYBrOcqHnxJyW3j4QNr%2FRyXq32N93mrU6qC5EFinX3IK8h%2FXUfxt%2BieT5o%2Bb%2FK2Z%2BOqhM0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc06ff19fc4-AMS
alt-svc
h3=":443"; ma=86400
btg360-2.0.1.min.js
i.btg360.com.br/ 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://i.btg360.com.br/btg360-2.0.1.min.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5c12fa2a2fdc26de649d2e849008083ee8671790948ba832c84d5a2cd5dbbc

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 19:40:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
TMV76N0HRHT5HE34
age
6404
etag
W/"479693e69031f0fcc929a4cf65dbe90e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0KX6R7%2Fw92TjVTJtiKlEfzZ4uxZm29ABYi6a%2F4Jq4q0N%2BUMj0utnHowLjN9EQqd6kVui7RIgsHe%2BzL9YumQi%2BaxIFXpf9FpDX%2BX5AGv9VfV4fY2rXSm2FKV4BdeAmuURM7HFJu8s3fPrZ%2BJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88342fbbffaf0e50-AMS
x-amz-id-2
TxxdW+Ny24pmJpansB9XM/LXduTfztAUqf/nr9J6rsukz3rwh5JRnkLqAvo/yZzZeAIe4N02Kuk=
5061910
www.clarity.ms/tag/uet/ 		843 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5061910
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5061910.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ed4e7cc355fb537415da321a14652d9b37ad58040ba1bd2ca29b23ec8ab4bda

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires
-1
date
Mon, 13 May 2024 16:57:15 GMT
x-azure-ref
20240513T165715Z-1577bc5fdd5dxrn64qwqfptkdc000000040000000000hhdv
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
843
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
fbevents.js
connect.facebook.net/en_US/ 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 13 May 2024 16:57:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1294, tbw=2822, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
1ZPg5NNZz1LZLSmAM5jhxZ6ud5dY6jKJOXppQbM8ObGFX+p+welL+AxtUoLj0WkPtsFBLsdi92gp8aT3tJZNVQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracker.min.js
tracker.pensebig.com.br/scripts/ 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.pensebig.com.br/scripts/tracker.min.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
169.55.209.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.d1.37a9.ip4.static.sl-reverse.com
Software
Microsoft-IIS/10.0 /
Resource Hash
95167664226c09c2a69097d4af4fb5e3e5c0f753d5f1a698845d5a4377211d76

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 10:01:08 GMT
server
Microsoft-IIS/10.0
etag
"1d709cace4e5f0a"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400; persistir=1
info
seal.siteblindado.com/v1/promo-quemdisseberenice.com/ 		26 B
586 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seal.siteblindado.com/v1/promo-quemdisseberenice.com/info
Requested by
Host: cdn.siteblindado.com
URL: https://cdn.siteblindado.com/aw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
086650f1f98acc74306206f2f32fe38f6101711b9ffbaa8664559ed92931418d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 16:57:16 GMT
x-envoy-upstream-service-time
12
server
istio-envoy
content-length
26
content-type
application/json
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 		0
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=d27636b60c50ac7303b1234bd85271b3&x-r=
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:16 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
N8PQBAYA41MMWVSV
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
9Gk6hhZsdc2KjOzJZqUuB4ZVQHMM+sHixjKPRKt1F+UyJkm7GXnGVegc1b1GrkBfOZ4WCKXEOUg=
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3VI4K9U9OSLU1GC5NK0&lib=ttq
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5f8f22596378b5d23a6b81b40784be4ab5be224a6914f3733ba13a610992eb24

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
1f559b51.aaf330e8
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24051316571591D39C18E61D72B6AA7E-7FADB92752976E88-00
x-cache
TCP_MISS from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
91,104.126.37.158
server-timing
cdn-cache; desc=MISS, edge; dur=85, origin; dur=7, inner; dur=3
content-length
1980
pragma
no-cache
server
nginx
x-tt-logid
2024051316571591D39C18E61D72B6AA7E
x-cache-remote
TCP_MISS from a184-28-17-145.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,184.28.17.145
x-tt-trace-host
01e623bd4a1a6771e371d4afb544e9cc0b4525732b068c3e63166adabc622bbc0bae1669389b9b3832f94736b55422981e204cf5a1050e38d3f25e5bbb197b0f9c53525827f50d0dbfde1b00f0e20fd4445fc88e9e763766361a05ac05b4b9074099369aac6be7154a28d9dcba3411be5d
expires
Mon, 13 May 2024 16:57:15 GMT
aperture.js
cdn.perfdrive.com/aperture/ 		26 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:13:04 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 13 May 2024 04:56:42 GMT
server
nginx/1.10.1
age
2649
etag
W/"66419d8a-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
__product.gif
c.btg360.com.br/ 		50 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.btg360.com.br/__product.gif?btgId=34:1&cookieBid=41ac31e8-709f-4ce5-9fd8-2ffcfc1d5d1b&url=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&rand=5091552935303483&email=&id=&name=&price=43.9&department=&category=&subcategory=&brand=
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.153.231.53 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / ASP.NET
Resource Hash
36f31c1f33d0142aeb0c9991af345e4996eb53cb3ed1c8571e1dabcb05ea8adf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Mon, 13 May 2024 16:57:16 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 04 Jan 2004 22:22:22 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Age
51243
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache=Set-Cookie, no-cache, private,proxy-revalidate
Connection
close
Content-Length
50
Expires
Sat, 31 Jul 1999 05:00:00 GMT
tag.js
syndi.webcollage.net/site/epocacosmeticos-br-pt/ 		436 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://syndi.webcollage.net/site/epocacosmeticos-br-pt/tag.js?cv=19856
Requested by
Host: scontent.webcollage.net
URL: https://scontent.webcollage.net/api/v2/product-content
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e7d55e2b66b9b53f333287501f4068a1ffdd7b562a554bca7b99e431cffda6a3

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
53713, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
bPuXUaNzWio9HHa8Hn2FBQ==
age
3045906
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
268
x-ms-lease-state
available
x-served-by
cache-den8263-DEN, cache-ams21037-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 22:00:18 GMT
last-modified
Wed, 26 Aug 2020 22:54:19 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.700601,VS0,VE2
etag
"0x8D84A12F7B0FD09"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d7df1b6e-f01e-0029-7aa2-893667000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:15 GMT
profile
collect.vendavalida.com.br/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collect.vendavalida.com.br/profile?domain=promo-quemdisseberenice.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://promo-quemdisseberenice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88342fc138b1b8df-AMS
content-length
0
date
Mon, 13 May 2024 16:57:15 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715619435&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rA09yIbKTpft6Qgp7l4%2BFIv9%2F0z66OgYi9Q6vYR5y5E%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715619435&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rA09yIbKTpft6Qgp7l4%2BFIv9%2F0z66OgYi9Q6vYR5y5E%3D
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Access-Control-Request-Headers
via
1.1 vegur
x-content-type-options
nosniff
profile
collect.vendavalida.com.br/ 		76 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.vendavalida.com.br/profile?domain=promo-quemdisseberenice.com
Requested by
Host: collect.vendavalida.com.br
URL: https://collect.vendavalida.com.br/push.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ca53e417b382ca4a74d6ed724325c665be536dd624bdb69773a17ecdc90a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715619436&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=21z9xuna1b4cYnLZBKPj7Z8BVT1l9FZiHzL3AYfv40U%3D
server
cloudflare
etag
W/"4c-kyuq0NZzbkzh63pRe4TEbuGpHIQ"
x-ratelimit-remaining
2494
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715619436&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=21z9xuna1b4cYnLZBKPj7Z8BVT1l9FZiHzL3AYfv40U%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-reset
1715619482
x-ratelimit-limit
2500
cf-ray
88342fc31a87b8df-AMS
601624232
td.doubleclick.net/td/rul/ Frame 399D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715372392807&cv=11&fst=1715372392807&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
976458679
td.doubleclick.net/td/rul/ Frame C304 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715372392844&cv=11&fst=1715372392844&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
601624232
td.doubleclick.net/td/rul/ Frame F0AD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715372395912&cv=11&fst=1715372395912&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
976458679
td.doubleclick.net/td/rul/ Frame 25F6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715372395950&cv=11&fst=1715372395950&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds%26uam%3Dtrue%26mobile%3D2&ref=https%3A%2F%2Fwww.epocacosmeticos.com.br%2Fmaybelline-colossal-age-rewind-matte-ink-kit-mascara-de-cilios-corretivo-batom%2Fp%3Fidsku%3D65884%26utm_content%3D65884%26utm_medium%3Dcpc%26utm_source%3Dgoogle%26utmi_cp%3Dpla%26gad_source%3D1%26gclid%3DCj0KCQjwxeyxBhC7ARIsAC7dS3_w1fBtzQPFXN_Mh9YXzcGNcD1TigVLwUAhZUwpgrTxSY7MTO_0rogaAv-7EALw_wcB%26gclsrc%3Daw.ds&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=283673711.1714267076&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3DVisualizou%20o%20widget%3Bcategory%3DTrustvox%20%3C%3E%20Sincero%3BproductName%3DM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto%3Bnon_interaction%3Dtrue
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		258 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-976458679
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cd738ebe6342e73063d0af3b66bf945a7e3e1dd9f3c5976044941c3cf346dcdf
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
last-modified
Mon, 13 May 2024 16:10:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91162
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 13 May 2024 16:57:14 GMT
269861466524501
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/269861466524501?v=2.9.156&r=stable&domain=promo-quemdisseberenice.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
89a94ebeba29a6eaa70ef306c35089141dd69c16b509e08420c0c3898577a1be
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 13 May 2024 16:57:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=67, ullat=0
pragma
public
x-fb-debug
LghpsoiKTZfwnNAuvUETSDbvyEyp+gCeJekaNJWRNfl0j3w82yra8L6oOow0FBIAeL5mdemMs9tiX+TIltKzaA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
syndi.min.mjs
content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		146 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Requested by
Host: syndi.webcollage.net
URL: https://syndi.webcollage.net/site/epocacosmeticos-br-pt/tag.js?cv=19856
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
dd635ee1177fbbe7726c35d75313262468318b59acaa4ce15a3779fe44785cd4

Request headers

Referer
https://promo-quemdisseberenice.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
10636, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
LNRdAtROf/zZxpnw5R883g==
age
2675933
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
44429
x-ms-lease-state
available
x-served-by
cache-den8257-DEN, cache-ams21020-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 22:00:17 GMT
last-modified
Fri, 12 Apr 2024 17:38:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.854266,VS0,VE1
etag
"0x8DC5B17594E27D0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f6959bf0-c01e-00c6-2800-8dc392000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:15 GMT
main.MWNkMWZjOGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		431 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3VI4K9U9OSLU1GC5NK0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
25c8e105aed1fd7c0e7869d4e5cdc896fc4f74a2e6a24428711da23557cb98d3

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
aaf3327a
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240509122017C6A3DA942D378CD1D659
x-tt-trace-id
00-240509122017C6A3DA942D378CD1D659-0B62F12BEBA5E9FA-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01962ca1e2245776b4610c8927232fc2114567e60f2a10616198c2fda75c67df31c81031e80bafc03a007b9bec2104bf830d5ce2202febecd0c7248b77de308d6d03cc20374a0280e6af819cf409c096d6b202c98d5ff3134a8d9b9c99f65aaa7a
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
116266
droz.js
chat-app.meudroz.com/v1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=856081
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"9936-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OYv36BHFxELac3tJO14kArsaR8LRTyKVjSyuR0peRvYiMHT92YEcslyOdfwOd%2BfKBmbYy%2Fc5yGq8o4rwTVfREx4J2kbQFjWEb5x8IkWpQ2T0gh%2Byq1Nf75wXCeiLrYcFtEqWLDPCVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fc19b746643-AMS
priority
u=3,i=?0
976458679
td.doubleclick.net/td/rul/ Frame FC04 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715410881527&cv=11&fst=1715410881527&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
601624232
td.doubleclick.net/td/rul/ Frame 6BE0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/601624232?random=1715410881556&cv=11&fst=1715410881556&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
976458679
td.doubleclick.net/td/rul/ Frame 3985 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/976458679?random=1715410881602&cv=11&fst=1715410881602&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4580v872370555za200&gcd=13l3l3l3l1&dma=0&u_w=375&u_h=667&url=https%3A%2F%2Fofertas-maybelyne.com%2Fquiz-maybe%2Fpremio%2F&hn=www.googleadservices.com&frm=0&tiba=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&value=186.9&ga_uid=G-G20C9N71BZ.undefined&npa=0&pscdl=noapi&auid=1346515874.1715315959&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D6152
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 13 May 2024 16:57:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e8c612f61f1ea2aff1c19c5f057df44bd840a57e290e331c164fc4c2b242c61

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
product
trustvox.com.br/products/v1/ 		46 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trustvox.com.br/products/v1/product?store_id=393&product_id=6152
Requested by
Host: static.trustvox.com.br
URL: https://static.trustvox.com.br/sincero/sincero.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab91baeefb0bd7ba337280b2aed426319f7c4ebcf441db7eba9eb19b65666b9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/vnd.trustvox-v2+json
Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
bf5b842755ad12a378bbd00ac040cd28
x-runtime
0.008023
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ab91baeefb0bd7ba337280b2aed42631"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
88342fc1cf440e90-AMS
vary
Origin, Accept-Encoding
expires
Mon, 13 May 2024 20:57:16 GMT
recommendations_summaries
trustvox.com.br/opinions/ 		43 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trustvox.com.br/opinions/recommendations_summaries?store_id=393&product_id=6152
Requested by
Host: static.trustvox.com.br
URL: https://static.trustvox.com.br/sincero/sincero.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e944c7701d0304ddfc6c47eaf1b0edde37e6abd13b15c0c97b421ee3dc2cb362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/vnd.trustvox-v2+json
Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
5e3ed525f438d112e719cdf7f2186fa3
x-runtime
0.008689
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"e944c7701d0304ddfc6c47eaf1b0edde"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-expose-headers
access-control-max-age
1728000
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
cf-ray
88342fc1cf4a0e90-AMS
access-control-allow-headers
Origin, Content-Type, Accept, Authorization, Token
expires
Mon, 13 May 2024 20:57:16 GMT
opinions
trustvox.com.br/widget/ 		3 KB
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trustvox.com.br/widget/opinions?code=6152&store_id=393&url=https:%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&name=M%C3%A1scara+de+C%C3%ADlios+Maybelline+The+Colossal+Volum%27+Express+Lav%C3%A1vel+Preto&photos_urls[]=https:%2F%2Fepocacosmeticos.vteximg.com.br%2Farquivos%2Fids%2F595082-320-320%2F7899026456020_2.jpg%3Fv%3D638447471803570000&page=1&per=4&order_by=-created_at
Requested by
Host: static.trustvox.com.br
URL: https://static.trustvox.com.br/sincero/sincero.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bc9127dccff4b93138095c03c90576659fdcb3b3208ee09d8b781f5807b6ca5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/vnd.trustvox-v2+json
Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
83044b1332a0a54206034ae2ed22a519
x-runtime
0.110236
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9bc9127dccff4b93138095c03c905766"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-expose-headers
cache-control
public, max-age=14400
access-control-allow-credentials
true
access-control-max-age
1728000
cf-ray
88342fc1df4b0e90-AMS
vary
Origin, Accept-Encoding
expires
Mon, 13 May 2024 20:57:16 GMT
976458679
google.com/ccm/form-data/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/976458679?gtm=45be4580v872370555za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&frm=0&pscdl=noapi&auid=349169782.1715619435&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1~em.tada2d3fvRV5mFSgy_yKNWKRlCiCwtJLyKktlM6FQcw&ecsid=1944058580.1715619436
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976458679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.js
static.percycle.com/epocacosmeticos/ 		80 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.percycle.com/epocacosmeticos/g.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:f600:f:5081:d8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2f6018fd92177216c51daee33a41a82af1b556c64653ff2a57a247d1039788f

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 03:39:24 GMT
content-encoding
gzip
via
1.1 67393fa6b3a865c1a8252acac0aa5cbc.cloudfront.net (CloudFront)
x-amz-version-id
Y1zNUyIvk25F1Z9Uc22wbgJav_Omp9FH
last-modified
Fri, 05 Apr 2024 00:11:24 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
47870
etag
"4d964f2ef4173bfe1b594ea9621b170b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20880
x-amz-cf-id
oxB9WQKrwAxaCcThbD9re6hxImrJ0e6q6bqgI1uNhxrAk7Ug_JW69w==
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4rgOr3D3FG9d7qGdFr6UFrpHJqPo9WZK4CnjsfLGcpfwuV7JZDk2wJfslKjQWz0aelZygI2fDsXADalRLnog06LcpUXY6FnJGtlBaFiS4nTSn7vAFUhsqpLdrseyLDqAY28pnyjSNCeBdQWaq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc20a869fc4-AMS
alt-svc
h3=":443"; ma=86400
0
bat.bing.com/actionp/ 		0
238 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/actionp/0?ti=5061910&Ver=2&mid=42a3650d-55c9-4447-8ef3-f5a2565fa6bc&evt=dedup
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D7B88C09355545FBABD9F14465A9F9B4 Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
aw.js
cdn.siteblindado.com/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siteblindado.com/aw.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
6ee55ce73cc6f064f248d71356dfc718115c906839e9018eb9af78240a5f76db

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2024 23:22:12 GMT
server
istio-envoy
etag
"65fb6fa4-10ac"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
1170
pixel
analytics.tiktok.com/api/v2/ 		0
850 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
75d3ef46.aaf333a4
date
Mon, 13 May 2024 16:57:16 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2405131657158D6E36BA5B46CEB54734-0EF4BE7C3DDA7B28-00
x-cache
TCP_MISS from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
232,104.126.37.158
server-timing
cdn-cache; desc=MISS, edge; dur=99, origin; dur=142, inner; dur=137
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202405131657158D6E36BA5B46CEB54734
x-cache-remote
TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
142,23.220.104.16
x-tt-trace-host
01e623bd4a1a6771e371d4afb544e9cc0b4525732b068c3e63166adabc622bbc0b8153f98a0c09c3dd0f6eadcba2b5c42c3119d84612c604062e19d569cc7bd8a22c405d032e2c6ef57fe22e8c2ee9182a46bb9b0907152d5f9ab0fcb15b4601ea8dd2c82f8dfabfc8261480cf3e767be6
access-control-allow-headers
Authorization,*
expires
Mon, 13 May 2024 16:57:16 GMT
info
seal.siteblindado.com/v1/promo-quemdisseberenice.com/ 		26 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seal.siteblindado.com/v1/promo-quemdisseberenice.com/info
Requested by
Host: cdn.siteblindado.com
URL: https://cdn.siteblindado.com/aw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
086650f1f98acc74306206f2f32fe38f6101711b9ffbaa8664559ed92931418d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 16:57:16 GMT
x-envoy-upstream-service-time
12
server
istio-envoy
content-length
26
content-type
application/json
trustvox-selo.css
promo-quemdisseberenice.com/arquivos/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/arquivos/trustvox-selo.css?v=123
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvoERxExnmDccpQBTy454%2BXw04QVjoHKTfXdd7d1pTnurbk88ferJ68tr70hSMtPb8LhMATvq5M0nIf9zxSDkyz7l8iBXws4q3g%2B1%2FjCestb8BlNGyHy7esShhdowWlw%2FyouzVMmyl6qd%2BKpBEv0HcAyrWmVgM2HKL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
88342fb58d9f9fed-AMS
alt-svc
h3=":443"; ma=86400
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=269861466524501&ev=PageView&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&rl=&if=false&ts=1715619435877&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715619435876.109357981&ler=empty&cdl=API_unavailable&it=1715619435754&coo=false&rqm=GET
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1294, tbw=2847, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 May 2024 16:57:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=269861466524501&ev=ViewContent&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&rl=&if=false&ts=1715619435878&cd[content_ids]=%5Bnull%5D&cd[content_type]=product&cd[contents]=%5B%7B%22id%22%3Anull%2C%22quantity%22%3A1%7D%5D&cd[currency]=BRL&sw=1600&sh=1200&v=2.9.156&r=stable&ec=1&o=4126&fbp=fb.1.1715619435876.109357981&ler=empty&cdl=API_unavailable&it=1715619435754&coo=false&rqm=GET
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1294, tbw=3134, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 May 2024 16:57:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=269861466524501&ev=ViewContent&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&rl=&if=false&ts=1715619435879&cd[content_ids]=%5Bnull%5D&cd[content_type]=product&cd[contents]=%5B%7B%22id%22%3Anull%2C%22quantity%22%3A1%7D%5D&cd[currency]=BRL&sw=1600&sh=1200&v=2.9.156&r=stable&ec=2&o=4126&fbp=fb.1.1715619435876.109357981&ler=empty&cdl=API_unavailable&it=1715619435754&coo=false&rqm=GET
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1294, tbw=3134, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 May 2024 16:57:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=d27636b60c50ac7303b1234bd85271b3&x-r=
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:16 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
N8PQBAYA41MMWVSV
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
9Gk6hhZsdc2KjOzJZqUuB4ZVQHMM+sHixjKPRKt1F+UyJkm7GXnGVegc1b1GrkBfOZ4WCKXEOUg=
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3VI4K9U9OSLU1GC5NK0&lib=ttq
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
29b2023a8daea64d6f19cf354552e1197b55fa12d4a42b3216be93a6e9cff899

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
6d4f5373.aaf333d0
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240513165715814E4D2B852C74B39A4B-5919B11C47C01999-00
x-cache
TCP_MISS from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
94,104.126.37.158
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=8, inner; dur=3
content-length
2014
pragma
no-cache
server
nginx
x-tt-logid
20240513165715814E4D2B852C74B39A4B
x-cache-remote
TCP_MISS from a23-48-200-13.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.48.200.13
x-tt-trace-host
01e623bd4a1a6771e371d4afb544e9cc0b4525732b068c3e63166adabc622bbc0bb939952d87de05d0811652e414942a60b5014441edc5b9afa69f3605a70e5340005ee261c149b865e35dc15f5ff2b8174129e8cf3afc131279ca3127608aa73bc063f95daedc196c4e1e430bbf44a632
expires
Mon, 13 May 2024 16:57:15 GMT
__product.gif
c.btg360.com.br/ 		50 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.btg360.com.br/__product.gif?btgId=34:1&cookieBid=41ac31e8-709f-4ce5-9fd8-2ffcfc1d5d1b&url=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&rand=3902773580060257&email=&id=&name=&price=43.9&department=&category=&subcategory=&brand=
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.153.231.53 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / ASP.NET
Resource Hash
36f31c1f33d0142aeb0c9991af345e4996eb53cb3ed1c8571e1dabcb05ea8adf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Mon, 13 May 2024 16:57:16 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 04 Jan 2004 22:22:22 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Age
51243
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache=Set-Cookie, no-cache, private,proxy-revalidate
Connection
close
Content-Length
50
Expires
Sat, 31 Jul 1999 05:00:00 GMT
push.js
collect.vendavalida.com.br/ 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://collect.vendavalida.com.br/push.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73c08bb0bea7efeeec695fec69c1239bf7388d308088e4a6e23838c4c9a91afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age
10542
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715551244&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=yMl7tUm2GwgB6ZK6wlf60SvnPE%2F1%2B%2BH46kPxx%2FUZm%2Fg%3D
cf-bgj
minify
last-modified
Fri, 10 May 2024 20:55:26 GMT
server
cloudflare
etag
W/"1e5c-18f644a0e30"
vary
Accept-Encoding
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715551244&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=yMl7tUm2GwgB6ZK6wlf60SvnPE%2F1%2B%2BH46kPxx%2FUZm%2Fg%3D"}]}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=28800
cf-ray
88342fbb4ecdb8f4-AMS
profile
collect.vendavalida.com.br/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collect.vendavalida.com.br/profile?domain=promo-quemdisseberenice.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://promo-quemdisseberenice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88342fc259e8b8df-AMS
content-length
0
date
Mon, 13 May 2024 16:57:16 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715619436&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=21z9xuna1b4cYnLZBKPj7Z8BVT1l9FZiHzL3AYfv40U%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715619436&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=21z9xuna1b4cYnLZBKPj7Z8BVT1l9FZiHzL3AYfv40U%3D
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Access-Control-Request-Headers
via
1.1 vegur
x-content-type-options
nosniff
profile
collect.vendavalida.com.br/ 		76 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.vendavalida.com.br/profile?domain=promo-quemdisseberenice.com
Requested by
Host: collect.vendavalida.com.br
URL: https://collect.vendavalida.com.br/push.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ca53e417b382ca4a74d6ed724325c665be536dd624bdb69773a17ecdc90a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json;charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
strict-transport-security
max-age=2592000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1715619436&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=21z9xuna1b4cYnLZBKPj7Z8BVT1l9FZiHzL3AYfv40U%3D
server
cloudflare
etag
W/"4c-kyuq0NZzbkzh63pRe4TEbuGpHIQ"
x-ratelimit-remaining
2483
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1715619436&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=21z9xuna1b4cYnLZBKPj7Z8BVT1l9FZiHzL3AYfv40U%3D"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-ratelimit-reset
1715619465
x-ratelimit-limit
2500
cf-ray
88342fc43bcfb8df-AMS
styles.json
content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		11 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/styles.json?cv=19856
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
83207ca98c3800828aebe520736c5167791284c454812722169d01d6a729ee98

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
145, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
T3iNdb/wISK6hJJmjiZ5ag==
age
2675934
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2169
x-ms-lease-state
available
x-served-by
cache-den8221-DEN, cache-ams21020-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 04 Sep 2020 02:42:27 GMT
last-modified
Fri, 12 Apr 2024 17:38:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.898606,VS0,VE1
etag
"0x8DC5B17595FB156"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
066957bf-e01e-000a-2d00-8daca4000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:15 GMT
showcase
api-ads.percycle.com/ 		937 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-ads.percycle.com/showcase?widgets=native_double,40_all&types=native&productTypes=half&custom_placements=product&superads=xxx&campaignIds=xxx&hash=29a4dfb26cd5e0b7f64acf410a01eacc3a0e8798b37db7dfa60a4fbd03c2160f&id=49436&categories=Maquiagem&remarketingProductPrice=186.9&placement=product
Requested by
Host: static.percycle.com
URL: https://static.percycle.com/epocacosmeticos/g.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.179.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-179-32.compute-1.amazonaws.com
Software
/
Resource Hash
51620829280e2e70a5d6150fe901cf2c7fbcc74497310958f9d532ec289c41f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:16 GMT
x-has-products
false
X-Content-Type-Options
nosniff
ETag
W/"3a9-CQaSiR3xCAuDbkT7S4Vtrg"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://promo-quemdisseberenice.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
937
search
promo-quemdisseberenice.com/api/catalog_system/pub/products/ 		289 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/catalog_system/pub/products/search?fq=skuId:undefined
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
*/*
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcFJym5RDOb6TAMFN4bAFU0Ec8iCe764R3k0ZK1Sq8Z9NZHkscBz6STDFT4A5cyXC4uX8yTlJJp%2FF3sNBe0KjxYDUCHJwf7H7XKyeP%2FydQZE%2BbWmzYpBx9dVZNk4PyAIrxx0Oo08ooMjnQILH3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc26b0d9fc4-AMS
alt-svc
h3=":443"; ma=86400
Track.aspx
promo-quemdisseberenice.com/Site/ 		289 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/Site/Track.aspx?referrer=
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
*/*
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FEX%2B%2FqURfXdbc3ZDtzvmLFjb%2FOZo%2FRpP6Q8jpXC86UKbC5ELUCu4EmKL%2FSWXqlTbUg7w6rZkEwNWitDOuo2J0Sik%2Bzr7ppyv6Zmk9r5oNOkFtIYQhCzflbx0qY79ndF1zLL%2F4MfGqCufpAPqyps%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc26b109fc4-AMS
alt-svc
h3=":443"; ma=86400
client.js
promo-quemdisseberenice.com/api/sessions/files/ 		289 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/sessions/files/client.js?_=1715619435903
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNBrM0INmMuMXzUgSaNTojJcjfcznVgRCxVn7NDhV9HR6wMReFD%2BmJjfIYAi5eWKFeM5jW%2Fimzz4sKvO0VYAqeN0XIaj47gfNMcNEJiAcD0OS8ADzSd9Tfqh34eHCaO7QfktwQzV1hMigdxIPH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
88342fc26b149fc4-AMS
alt-svc
h3=":443"; ma=86400
disclaimer
promo-quemdisseberenice.com/no-cache/callcenter/ 		289 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/no-cache/callcenter/disclaimer?&h=1715619435903
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
text/html, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jpi8%2BxwlSBjin1hrIXdPJVJoNv7JqgXAs2QoF6zrwonTcbQUhapvMQPhYnTebwaUFBwV6D8XTYAQ%2BG2YU1V3Irr1YtvyzpcRfFUAa6HzAh7gY%2BwuZmbJx9LUFwobOAw4PDQqZzMPwbaSXG1NU7I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc26b189fc4-AMS
alt-svc
h3=":443"; ma=86400
welcome
promo-quemdisseberenice.com/no-cache/user/ 		289 B
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/no-cache/user/welcome?&h=1715619435903
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
text/html, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rA95qwf7lZSACNsbYAQVaUi3F%2FdAZekGANGlgpwHvHvkA4vXvtCHOvGiqVRTbbnKdhY7FH26bzqD7g%2Bd5mgl3dVcuCA95mkFMq5Svm0eZRmF4rM1eryBxY%2BwDYO3%2BmJoW3u8J3eiwO5AnXCx5Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc26b1a9fc4-AMS
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Detalhe%20de%20Produto&el=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE_undefined&_u=aHDAAEADQAAAACAMI~&jid=178102492&gjid=682669033&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1572595689
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2965
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 13 May 2024 18:07:49 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Banner%20Tripa&el=Promo%20do%20Dia%20_cupom-AMOBOLSA&_u=aHDAAEADQAAAACAMI~&jid=889981202&gjid=1549787322&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1020407424
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Brinde&el=%3Cp%3EBrinde%20Maybelline%20Caixa%20Presente%C3%A1vel%20(Imagem%20ilustrativa)%20undefinedundefined%3C%2Fp%3E%3Cspan%3Eundefined%3C%2Fspan%3E&_u=aHDAAEADQAAAACAMI~&jid=1820809440&gjid=1525150846&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1471408455
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Recomendados&el=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE_undefined&_u=aHDAAEADQAAAACAMI~&jid=2023532406&gjid=166859049&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1602261829
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Detalhe%20de%20Produto&el=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE_undefined&_u=aHDAAEADQAAAACAMI~&jid=319813018&gjid=616540937&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1099860335
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Banner%20Tripa&el=Promo%20do%20Dia%20_cupom-AMOBOLSA&_u=aHDAAEADQAAAACAMI~&jid=946399812&gjid=1482401563&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=871847828
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Brinde&el=%3Cp%3EBrinde%20Maybelline%20Caixa%20Presente%C3%A1vel%20(Imagem%20ilustrativa)%20undefinedundefined%3C%2Fp%3E%3Cspan%3Eundefined%3C%2Fspan%3E&_u=aHDAAEADQAAAACAMI~&jid=526421653&gjid=1140637778&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1595877448
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Recomendados&el=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE_undefined&_u=aHDAAEADQAAAACAMI~&jid=971404020&gjid=822433249&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1610982509
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
MdhW45gp5T3Lc9HKO0hl.js
tags.creativecdn.com/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.creativecdn.com/MdhW45gp5T3Lc9HKO0hl.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqeweNEBtJ9ULRbi2payp1yatQXPdg899-5bgb1StJRe-mw-Q1pz40PFQZgZSvE_x_BG0Mr-wXX
x-77-cache
HIT
x-cache
HIT
x-goog-storage-class
STANDARD
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
x-age
177
x-accel-date
1715619257
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt
EgwBw7WqEQH3sQAAAAwBJRPCNAH3tQ0AAA
x-accel-expires
@1715622597
x-77-age
177
last-modified
Tue, 20 Sep 2022 08:47:43 GMT
server
CDN77-Turbo
etag
W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray
4c1562249357729a6a464266156a3a34
vary
Accept-Encoding, Accept-Encoding
x-goog-generation
1663663663138166
content-type
application/javascript
x-goog-hash
crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control
public, max-age=3600
warning
214 UploadServer gunzipped
x-goog-stored-content-length
1741
expires
Sun, 05 May 2024 18:19:54 GMT
126194.ct.js
tag.rmp.rakuten.com/ 		40 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.rmp.rakuten.com/126194.ct.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
6e182aa05ac5c63b1b4af578c441b688e61900898a593c80cc2a587a4c0ab3ce

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 13 May 2024 16:57:14 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
droz.js
chat-app.meudroz.com/v1/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=749336
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"9936-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2CVE1i2ptu4lVkELS%2F0kFXhzhrIvmmabfcj7wmEKITeOqaGDqaSaQIOfT7Sdw0saQIszNAEYCwzYNOIBvxNuKzKcb0NEasgolZs1pIOKNovk1EiuIR5F%2BknS1sgRtstciBobNfzeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fc2ccf46643-AMS
priority
u=3,i=?0
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5061910&Ver=2&mid=42a3650d-55c9-4447-8ef3-f5a2565fa6bc&sid=da0389c0114911ef919c716a1fae3450&vid=da03afc0114911efbdeded80c73eabf8&vids=1&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&p=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&r=&lt=2613&evt=pageLoad&sv=1&rn=945501
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E8A0BE0EED3941DD870DABC1910AC8D9 Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5061910&Ver=2&mid=42a3650d-55c9-4447-8ef3-f5a2565fa6bc&sid=da0389c0114911ef919c716a1fae3450&vid=da03afc0114911efbdeded80c73eabf8&vids=0&msclkid=N&pagetype=product&en=Y&p=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=76435
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4CC49ACF3ED4401B9C03ED6F0938CF9A Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
976458679
google.com/ccm/form-data/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/976458679?gtm=45be4580v872370555za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&frm=0&pscdl=noapi&auid=349169782.1715619435&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&em=tv.1~em.tada2d3fvRV5mFSgy_yKNWKRlCiCwtJLyKktlM6FQcw&ecsid=1944058580.1715619436
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-976458679
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
producthero.min.mjs
content.syndigo.com/site/common/1.0.439/specific/epoca/anchor/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/specific/epoca/anchor/producthero.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d6e1eca389a34604bc7660a09d990d3941cc817b6cdbe2a7edefb157ed445a30

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
22722, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
1h6B0upK826dloVccIBwBw==
age
2675932
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4248
x-ms-lease-state
available
x-served-by
cache-den8276-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:23 GMT
last-modified
Fri, 05 Apr 2024 19:38:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.021005,VS0,VE1
etag
"0x8DC55A7F4EA4FBA"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
24adb51b-001e-00bb-1900-8db2b1000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
inline.min.mjs
content.syndigo.com/site/common/1.0.439/site/anchor/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/site/anchor/inline.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
df29e247d735d508465e0f050c06b55fccaf94d863965ed8194cdc979fc0e80b

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
11986, 57862
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
zmjkvOJgOjeQot4c1VkPTg==
age
3272251
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4051
x-ms-lease-state
available
x-served-by
cache-den8244-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:22 GMT
last-modified
Fri, 05 Apr 2024 19:38:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.021766,VS0,VE0
etag
"0x8DC55A7F4452840"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d6357fba-801e-0051-4093-87959f000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
local.min.mjs
content.syndigo.com/site/common/1.0.439/tracking/storage/ 		654 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/tracking/storage/local.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
15a707542349f19a6fb57826ae7c864586488ad393ac26e2d2ae74739509271a

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
523, 55878
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
v4gQDNYUYszG9ZnI9yNtkQ==
age
3272251
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
403
x-ms-lease-state
available
x-served-by
cache-den8242-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:22 GMT
last-modified
Fri, 05 Apr 2024 19:38:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.021742,VS0,VE0
etag
"0x8DC55A7F44C0508"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
13ada2c4-701e-0055-7b93-871898000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
addtocart.min.mjs
content.syndigo.com/site/common/1.0.439/specific/epoca/tracking/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/specific/epoca/tracking/addtocart.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d4f69a3cfacaa577de1cc7bdc664fdb00d87eb708e58183c0a8362fec63b7882

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
10023, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
Cks/3Y+ozWdsH/xiep0sAA==
age
2199168
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1629
x-ms-lease-state
available
x-served-by
cache-den8270-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:23 GMT
last-modified
Fri, 05 Apr 2024 19:38:23 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.021999,VS0,VE1
etag
"0x8DC55A7F4E8F062"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d0769506-e01e-0035-4d56-916407000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
event.min.mjs
content.syndigo.com/site/common/1.0.439/tracking/event/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/tracking/event/event.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3d49358b16e5d156c6c25a9187ac30437e84cb9516bfd4cb99128ccbb7cd1ce8

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
194575, 58362
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
2g+AuR/9E5mhpVwIT0LHfg==
age
3272251
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1453
x-ms-lease-state
available
x-served-by
cache-den8233-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:22 GMT
last-modified
Fri, 05 Apr 2024 19:38:22 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.021983,VS0,VE0
etag
"0x8DC55A7F44C0508"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0ff0e5e9-701e-0008-0f93-87121c000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
pt-br.min.mjs
content.syndigo.com/site/common/1.0.439/translations/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/translations/pt-br.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
33755d599540c2a68497474f07326808aa1c3c129b048272e30bcc54374f76c2

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
35, 107
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
GY3iwqCQ6XebN66rU4LPAg==
age
2675973
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2082
x-ms-lease-state
available
x-served-by
cache-den8263-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:21 GMT
last-modified
Fri, 05 Apr 2024 19:38:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.022243,VS0,VE0
etag
"0x8DC55A7F38D17EE"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
d12e090c-d01e-004c-6600-8d9823000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
pageid.min.mjs
content.syndigo.com/site/common/1.0.439/site/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/site/pageid.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9e13aca1f88f2192cadb233eb053036901b76bf8c3e9e056806f89a3df70e10a

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
242264, 57274
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
1Kc/fpAGZ3FnaQmEYOFZ7A==
age
3272250
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1324
x-ms-lease-state
available
x-served-by
cache-den8281-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:21 GMT
last-modified
Fri, 05 Apr 2024 19:38:21 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.022332,VS0,VE0
etag
"0x8DC55A7F3837C73"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fb9009a7-601e-002b-5b93-8788df000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
v2
us.creativecdn.com/tags/
Redirect Chain
  • https://us.creativecdn.com/tags/v2?type=json
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
0
181 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT, Mon, 13 May 2024 16:57:16 GMT
access-control-max-age
3600
vary
Origin
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-allow-methods
GET, POST
location
https://us.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
v2
us.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promo-quemdisseberenice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-max-age
3600
content-length
0
date
Mon, 13 May 2024 16:57:16 GMT
vary
Origin
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
p.gif
event.syndigo.cloud/event/ 		43 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/p.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&dt=0&ref=&r=0.803700468266767&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
28, 29136
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8225-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.101300,VS0,VE0
etag
"0x8DC70335DADAE9E"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
1a92a776-a01e-000b-3b1c-a2f378000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
646 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BUieeDKbr5h3Yi3brEuKZkXGHA%2BTeHjBVKLEJqRz3i7PC4OkqIb9eYX86W%2FDRvQ8xcvE2YqI69C0wfHf%2Bu8IkfRW5LVQK06b%2BC3vE%2FMPeAyDUSA1jnUWaKRpkndXiYFjXO3tV9WH3kVQmnlLqA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc36c8f9fc4-AMS
alt-svc
h3=":443"; ma=86400
main.js
chat-app.meudroz.com/iframe/ 		63 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/iframe/main.js?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=564343
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c02ad54dc396aa2e0bd9fecee4ea05461f1bc15ad6c752eb886458cf50bb91
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:48 GMT
server
cloudflare
etag
W/"64363-1713475908000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKYJFPMaFHXssWLwY%2BAR%2BuIGfJcsiCd7bhkBWghAA%2F3YaMHYF%2BHFxzQsWPiM3ehQLYSVseotDaOAOg1ntZMC7Y1htKGvCFE%2BLpFucDfo7tWVClm%2F%2FmEgtqAHQB5TiYyr76qzj1I6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb71f006643-AMS
priority
u=1,i=?0
icon-minimized-20200918113245043-313.png
s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.png
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.165.80 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
406cb6f4517e483d3c94c50f38c4c291d3057c955a696685e97727edb75c5573

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:16 GMT
Last-Modified
Fri, 18 Sep 2020 14:32:46 GMT
Server
AmazonS3
x-amz-request-id
N8PK6E5MPR9EDX0N
ETag
"77696db7316beec9faa8a3ad481cc735"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1421
x-amz-id-2
H4ujMhlbezglhBVsXONaOWG8qwRwHwYL1j2t6vRLdUzMfCZ6XuBOSCpChULUxOHCVG29f8ijtoQ=
icon-minimized-20200918113245043-313.p
promo-quemdisseberenice.com/quiz-maybe/premio/s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		289 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo-quemdisseberenice.com/quiz-maybe/premio/s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.p
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=co6PfeIQbYcAj%2BlY1Wr4tjWL5K2rXd6EIxClE73RIbbIyOTERletQOPnBzydJwfgOVmsRsWXEnmsC92uW0GuhmJteN43r5LjZAIzPHJEsF1rMLYoae9dparsdYcMlUEBuVRGcBVPdMERvaVrkTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc3fd4c9fc4-AMS
alt-svc
h3=":443"; ma=86400
x.gif
event.syndigo.cloud/event/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.143&ref=&r=0.735488078903695&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1672
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.198169,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
main-v1.js
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.js?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=140512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
79bb9daacad4452d5b73011c68f6de54b945524e6d510285ec4cd7f92febdd49

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Tue, 06 Jun 2023 16:24:39 GMT
Server
AmazonS3
x-amz-request-id
2AP578Z8MJ6WKDMN
ETag
"be570b28d341e20041a42ab1910e3935"
x-amz-server-side-encryption
AES256
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
2065
x-amz-id-2
T06RM3AP+WwQmLFhd9hEYVvZtBkMCg27lqH3OmHYwgBnGJhMslMke2oVzg3GAGcQQ0vtgxmbzIY=
x.gif
event.syndigo.cloud/event/ 		43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.145&ref=&r=0.06741523103102143&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1673
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.199751,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.148&ref=&r=0.43549737448934933&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1674
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.202840,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
hotspots.min.mjs
content.syndigo.com/site/common/1.0.439/experience/hotspots-element/hotspots/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/site/common/1.0.439/experience/hotspots-element/hotspots/hotspots.min.mjs
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
111e7f709abfa6d975971ea4619c55a4d966c9632bf73b97e6cd17e82431e3a7

Request headers

Referer
https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
99900, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZQIucbNCDLpq+8lg/+NNgA==
age
3271935
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
28546
x-ms-lease-state
available
x-served-by
cache-den8250-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 05 Apr 2024 19:38:26 GMT
last-modified
Fri, 05 Apr 2024 19:38:26 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.206703,VS0,VE1
etag
"0x8DC55A7F6D114E8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
609a312a-101e-000e-1794-8721a3000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.152&ref=&r=0.011302171672153305&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1675
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.207567,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.153&ref=&r=0.1958555428933766&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1676
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.208187,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.155&ref=&r=0.23642755125496384&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1677
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.209821,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.157&ref=&r=0.39848046407818427&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1678
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21056-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.211804,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
849 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
4e903a18.aaf337f3
date
Mon, 13 May 2024 16:57:16 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240513165716EE4034AED4D2C9A08195-4B82CD5457E48AC7-00
x-cache
TCP_MISS from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
347,104.126.37.158
server-timing
cdn-cache; desc=MISS, edge; dur=117, origin; dur=259, inner; dur=29
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240513165716EE4034AED4D2C9A08195
x-cache-remote
TCP_MISS from a23-220-107-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
259,23.220.107.209
x-tt-trace-host
01e623bd4a1a6771e371d4afb544e9cc0b4525732b068c3e63166adabc622bbc0bd28836353a7ec09027fc28ffc0a4f68fb012d863bb470003843e1cd980a0dce0c41f3fb6b8b1e9b5bca1072e6c0ae85278eee01d0466a5671c6a51dd82a6000de09f7304794276187bd93dab965863e8
access-control-allow-headers
Authorization,*
expires
Mon, 13 May 2024 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.219&ref=&r=0.8561000678180957&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1841
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21046-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.274922,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
info-circle.svg
content.syndigo.com/asset/icons/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/info-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b6008acdc892596eb825b22e34bdd817564ed903fa413f5610287e500024f3a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
130, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
9CJUF+6h9xNqixnDBoHMIQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1121
x-ms-lease-state
available
x-served-by
cache-den8258-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.278688,VS0,VE1
etag
"0x8DC70335C8CBF0B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
11e55783-101e-00ea-671c-a22f3d000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
info-circle.svg
content.syndigo.com/asset/icons/ 		3 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/info-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b6008acdc892596eb825b22e34bdd817564ed903fa413f5610287e500024f3a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
130, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
9CJUF+6h9xNqixnDBoHMIQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1121
x-ms-lease-state
available
x-served-by
cache-den8258-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.278688,VS0,VE1
etag
"0x8DC70335C8CBF0B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
11e55783-101e-00ea-671c-a22f3d000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
play-circle.svg
content.syndigo.com/asset/icons/ 		424 B
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/play-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7ade8760f5c15a16b7f5d2b3a495b9de4d05564096f1b1c80c2f485d46b49999

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
6, 96
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
zB7tXhrv8zpyuE3wfymPcg==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
255
x-ms-lease-state
available
x-served-by
cache-den8250-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282041,VS0,VE0
etag
"0x8DC70335D32D1B1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fd9bfd50-701e-00ec-541c-a21c82000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
chevron-right.svg
content.syndigo.com/asset/icons/ 		238 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/chevron-right.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
21e39a0f3f251de96105d9e916292bd5bb0036755ea711e5974ac89258b51729

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
12, 156
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
2Wz+q7/cdOY8bIuCk4a9Jg==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
204
x-ms-lease-state
available
x-served-by
cache-den8256-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282792,VS0,VE0
etag
"0x8DC70335CE58065"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fca4175f-201e-003a-611c-a2126b000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
chevron-left.svg
content.syndigo.com/asset/icons/ 		246 B
843 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/chevron-left.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d90559f637847e17a2266d9683a5caa060e8ef23ee2fb42219c824065c2dee62

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
9, 157
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
oo/oVdLsYGpMVehK2YsMBQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
208
x-ms-lease-state
available
x-served-by
cache-den8232-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282771,VS0,VE0
etag
"0x8DC70335D70BBF9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fbf28c0-501e-006d-461c-a2bc58000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
next-circle.svg
content.syndigo.com/asset/icons/ 		693 B
1004 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/next-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
501c75d4239c3de510e78f241ac23e8dc1c0310c1e277bbb0928b30c5208d7e7

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
72, 1
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
OsZbaJuu/Ad1Wo1AveafWQ==
age
354929
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
369
x-ms-lease-state
available
x-served-by
cache-den8236-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:25 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282775,VS0,VE2
etag
"0x8DC70335C9D5E68"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7d8dfd57-001e-0094-201c-a2bf7a000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
prev-circle.svg
content.syndigo.com/asset/icons/ 		704 B
1015 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/prev-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f77539b742fdd04535c662a509559a01cfa41a229c62aa4f2ccc8c9f7b65dbe

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
72, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
GVOiRMm4nPksGNDCcB7j8g==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
379
x-ms-lease-state
available
x-served-by
cache-den8236-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282760,VS0,VE1
etag
"0x8DC70335CDC5A13"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fbf261f-501e-006d-361c-a2bc58000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
a.gif
event.syndigo.cloud/event/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/a.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v0.4.605&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&a=load&dt=2.9281000003814697&xt=hotspots&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&ci=d5a035be-c421-a5bf-20ad-276451f132e3&ref=&r=0.8548237849056173&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
65, 1232
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8222-DEN, cache-ams21046-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282604,VS0,VE0
etag
"0x8DC70335DB4164D"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
5b6f2eba-901e-002f-381c-a205d8000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
info-circle.svg
content.syndigo.com/asset/icons/ 		3 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/info-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b6008acdc892596eb825b22e34bdd817564ed903fa413f5610287e500024f3a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
130, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
9CJUF+6h9xNqixnDBoHMIQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1121
x-ms-lease-state
available
x-served-by
cache-den8258-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.278688,VS0,VE1
etag
"0x8DC70335C8CBF0B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
11e55783-101e-00ea-671c-a22f3d000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
info-circle.svg
content.syndigo.com/asset/icons/ 		3 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/info-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b6008acdc892596eb825b22e34bdd817564ed903fa413f5610287e500024f3a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
130, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
9CJUF+6h9xNqixnDBoHMIQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1121
x-ms-lease-state
available
x-served-by
cache-den8258-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.278688,VS0,VE1
etag
"0x8DC70335C8CBF0B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
11e55783-101e-00ea-671c-a22f3d000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
play-circle.svg
content.syndigo.com/asset/icons/ 		424 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/play-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7ade8760f5c15a16b7f5d2b3a495b9de4d05564096f1b1c80c2f485d46b49999

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
6, 96
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
zB7tXhrv8zpyuE3wfymPcg==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
255
x-ms-lease-state
available
x-served-by
cache-den8250-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282041,VS0,VE0
etag
"0x8DC70335D32D1B1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fd9bfd50-701e-00ec-541c-a21c82000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
chevron-right.svg
content.syndigo.com/asset/icons/ 		238 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/chevron-right.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
21e39a0f3f251de96105d9e916292bd5bb0036755ea711e5974ac89258b51729

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
12, 156
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
2Wz+q7/cdOY8bIuCk4a9Jg==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
204
x-ms-lease-state
available
x-served-by
cache-den8256-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282792,VS0,VE0
etag
"0x8DC70335CE58065"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fca4175f-201e-003a-611c-a2126b000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
chevron-left.svg
content.syndigo.com/asset/icons/ 		246 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/chevron-left.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d90559f637847e17a2266d9683a5caa060e8ef23ee2fb42219c824065c2dee62

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
9, 157
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
oo/oVdLsYGpMVehK2YsMBQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
208
x-ms-lease-state
available
x-served-by
cache-den8232-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282771,VS0,VE0
etag
"0x8DC70335D70BBF9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fbf28c0-501e-006d-461c-a2bc58000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
next-circle.svg
content.syndigo.com/asset/icons/ 		693 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/next-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
501c75d4239c3de510e78f241ac23e8dc1c0310c1e277bbb0928b30c5208d7e7

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
72, 1
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
OsZbaJuu/Ad1Wo1AveafWQ==
age
354929
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
369
x-ms-lease-state
available
x-served-by
cache-den8236-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:25 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282775,VS0,VE2
etag
"0x8DC70335C9D5E68"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7d8dfd57-001e-0094-201c-a2bf7a000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
prev-circle.svg
content.syndigo.com/asset/icons/ 		704 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/prev-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f77539b742fdd04535c662a509559a01cfa41a229c62aa4f2ccc8c9f7b65dbe

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
72, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
GVOiRMm4nPksGNDCcB7j8g==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
379
x-ms-lease-state
available
x-served-by
cache-den8236-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282760,VS0,VE1
etag
"0x8DC70335CDC5A13"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fbf261f-501e-006d-361c-a2bc58000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
a.gif
event.syndigo.cloud/event/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/a.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v0.4.605&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&a=load&dt=2.9302999992370604&xt=hotspots&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&ci=d5a035be-c421-a5bf-20ad-276451f132e3&ref=&r=0.6991764942998537&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
65, 1233
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8222-DEN, cache-ams21046-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282896,VS0,VE0
etag
"0x8DC70335DB4164D"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
5b6f2eba-901e-002f-381c-a205d8000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebhUUnLA2vBF2lWZO1Qkcfoohx4EPPQRmCgQqWSGlpESiL4dagOrNNUvs24DffQ21lIF0JwzbNGLdi5mjiz7yaei1jyD7I78EIqIwFB4ZopzXXHX96WWzrspcs03%2BttWBLpgw4tDW3XSM7yKHMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc4de799fc4-AMS
alt-svc
h3=":443"; ma=86400
main-v1.js
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.js?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=856081
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
79bb9daacad4452d5b73011c68f6de54b945524e6d510285ec4cd7f92febdd49

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Tue, 06 Jun 2023 16:24:39 GMT
Server
AmazonS3
x-amz-request-id
2AP578Z8MJ6WKDMN
ETag
"be570b28d341e20041a42ab1910e3935"
x-amz-server-side-encryption
AES256
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
2065
x-amz-id-2
T06RM3AP+WwQmLFhd9hEYVvZtBkMCg27lqH3OmHYwgBnGJhMslMke2oVzg3GAGcQQ0vtgxmbzIY=
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
6152.json
content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/ 		28 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/page/42d4ffdb-629b-4589-8de5-89db87ce4a34/6152.json?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ref=&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
32, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
ZPFLUg/zhsGUkSoIPmBZMQ==
age
540869
x-ms-server-encrypted
true
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3854
x-ms-lease-state
available
x-served-by
cache-den8265-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Fri, 19 May 2023 18:43:12 GMT
last-modified
Thu, 28 Sep 2023 23:24:20 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.051385,VS0,VE117
etag
"0x8DBC07A0AB40961"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
cae7239b-d01e-00f5-096b-a09c39000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.362&ref=&r=0.059267242290685695&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1842
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21046-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.417576,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
x.gif
event.syndigo.cloud/event/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/x.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&ci=d5a035be-c421-a5bf-20ad-276451f132e3&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&display=true&userExcludeGroup=1&bucketExpires=1715623036192&experimentExpires=1747155436192&dt=0.365&ref=&r=0.2734669427457799&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 1843
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8248-DEN, cache-ams21046-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.420527,VS0,VE0
etag
"0x8DC70335DAD6088"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
8e301095-601e-00ad-121c-a24466000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
info-circle.svg
content.syndigo.com/asset/icons/ 		3 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/info-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b6008acdc892596eb825b22e34bdd817564ed903fa413f5610287e500024f3a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
130, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
9CJUF+6h9xNqixnDBoHMIQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1121
x-ms-lease-state
available
x-served-by
cache-den8258-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.278688,VS0,VE1
etag
"0x8DC70335C8CBF0B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
11e55783-101e-00ea-671c-a22f3d000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
info-circle.svg
content.syndigo.com/asset/icons/ 		3 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/info-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9b6008acdc892596eb825b22e34bdd817564ed903fa413f5610287e500024f3a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
130, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
9CJUF+6h9xNqixnDBoHMIQ==
age
354926
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1121
x-ms-lease-state
available
x-served-by
cache-den8258-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.278688,VS0,VE1
etag
"0x8DC70335C8CBF0B"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
11e55783-101e-00ea-671c-a22f3d000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
play-circle.svg
content.syndigo.com/asset/icons/ 		424 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/play-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7ade8760f5c15a16b7f5d2b3a495b9de4d05564096f1b1c80c2f485d46b49999

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
6, 96
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
zB7tXhrv8zpyuE3wfymPcg==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
255
x-ms-lease-state
available
x-served-by
cache-den8250-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282041,VS0,VE0
etag
"0x8DC70335D32D1B1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fd9bfd50-701e-00ec-541c-a21c82000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
chevron-right.svg
content.syndigo.com/asset/icons/ 		238 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/chevron-right.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
21e39a0f3f251de96105d9e916292bd5bb0036755ea711e5974ac89258b51729

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
12, 156
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
2Wz+q7/cdOY8bIuCk4a9Jg==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
204
x-ms-lease-state
available
x-served-by
cache-den8256-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282792,VS0,VE0
etag
"0x8DC70335CE58065"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
fca4175f-201e-003a-611c-a2126b000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
chevron-left.svg
content.syndigo.com/asset/icons/ 		246 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/chevron-left.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d90559f637847e17a2266d9683a5caa060e8ef23ee2fb42219c824065c2dee62

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
9, 157
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
oo/oVdLsYGpMVehK2YsMBQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
208
x-ms-lease-state
available
x-served-by
cache-den8232-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282771,VS0,VE0
etag
"0x8DC70335D70BBF9"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fbf28c0-501e-006d-461c-a2bc58000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
next-circle.svg
content.syndigo.com/asset/icons/ 		693 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/next-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
501c75d4239c3de510e78f241ac23e8dc1c0310c1e277bbb0928b30c5208d7e7

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
72, 1
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
OsZbaJuu/Ad1Wo1AveafWQ==
age
354929
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
369
x-ms-lease-state
available
x-served-by
cache-den8236-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:25 GMT
last-modified
Thu, 09 May 2024 14:21:47 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282775,VS0,VE2
etag
"0x8DC70335C9D5E68"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
7d8dfd57-001e-0094-201c-a2bf7a000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
prev-circle.svg
content.syndigo.com/asset/icons/ 		704 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.syndigo.com/asset/icons/prev-circle.svg
Requested by
Host: content.syndigo.com
URL: https://content.syndigo.com/site/42d4ffdb-629b-4589-8de5-89db87ce4a34/syndi.min.mjs?cv=476560
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5f77539b742fdd04535c662a509559a01cfa41a229c62aa4f2ccc8c9f7b65dbe

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
72, 0
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
content-md5
GVOiRMm4nPksGNDCcB7j8g==
age
354928
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
379
x-ms-lease-state
available
x-served-by
cache-den8236-DEN, cache-ams21068-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Sat, 18 Jul 2020 06:30:26 GMT
last-modified
Thu, 09 May 2024 14:21:48 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.282760,VS0,VE1
etag
"0x8DC70335CDC5A13"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
4fbf261f-501e-006d-361c-a2bc58000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
a.gif
event.syndigo.cloud/event/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/a.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v0.4.605&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&a=load&dt=3.070199998855591&xt=hotspots&epci=0e8153c9-baee-634a-8fc7-2aad323a9267&ci=d5a035be-c421-a5bf-20ad-276451f132e3&ref=&r=0.08340114888783945&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
65, 1234
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:16 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
354927
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8222-DEN, cache-ams21046-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Thu, 09 May 2024 14:21:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619436.423474,VS0,VE0
etag
"0x8DC70335DB4164D"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
5b6f2eba-901e-002f-381c-a205d8000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:16 GMT
v2
us.creativecdn.com/tags/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Cyprus, ASN203690 (RTB-HOUSE-ASH, CY),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://promo-quemdisseberenice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://promo-quemdisseberenice.com
access-control-max-age
3600
content-length
0
date
Mon, 13 May 2024 16:57:16 GMT
vary
Origin
token_create.js
ct.pinterest.com/static/ct/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/static/ct/token_create.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
x-cdn
fastly
age
4574
etag
"19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=7200
timing-allow-origin
https://ct.pinterest.com
alt-svc
h3=":443";ma=600
content-length
4103
ct.html
ct.pinterest.com/ Frame EEAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 13 May 2024 16:57:16 GMT
pinterest-version
9ab3886c06a794ff1d841687ae65f5a1cfdbcfc8
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
4883596240563841
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7507EE6988D04B719C38DFF8D2A3A7C7&RedC=c.clarity.ms&MXFR=1C39368A95FF65082D2622F491FF6B02
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7507EE6988D04B719C38DFF8D2A3A7C7&MUID=22A32BE7B4D96AFF1A583F99B5B56BFF
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7507EE6988D04B719C38DFF8D2A3A7C7&MUID=22A32BE7B4D96AFF1A583F99B5B56BFF
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 99B28FE85A33401AB965DE02AB1B2906 Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:16Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7507EE6988D04B719C38DFF8D2A3A7C7&MUID=22A32BE7B4D96AFF1A583F99B5B56BFF
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
bat.js
bat.bing.com/ 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2EA9FB591FA046FDB636026A1ABC80AC Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:14Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ohkYD0wf3YZ9ZWBFzLb9svUmd7YjxjEv6nVfydWm%2F%2BRveb4lR45sUXfPduDxI4QLYnAec9KFVGM2KNe0QQ%2FhuNe9dQ9zGi8AB5WAFLHp3TpAKZPAGtpEgx%2BNDFSmZTY%2BMCBNxkIoB4StIMZN9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fc74afc9fc4-AMS
alt-svc
h3=":443"; ma=86400
g.js
static.percycle.com/epocacosmeticos/ 		0
0
btg360-2.0.1.min.js
i.btg360.com.br/ 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://i.btg360.com.br/btg360-2.0.1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5c12fa2a2fdc26de649d2e849008083ee8671790948ba832c84d5a2cd5dbbc

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Apr 2024 19:40:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
TMV76N0HRHT5HE34
age
6404
etag
W/"479693e69031f0fcc929a4cf65dbe90e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0KX6R7%2Fw92TjVTJtiKlEfzZ4uxZm29ABYi6a%2F4Jq4q0N%2BUMj0utnHowLjN9EQqd6kVui7RIgsHe%2BzL9YumQi%2BaxIFXpf9FpDX%2BX5AGv9VfV4fY2rXSm2FKV4BdeAmuURM7HFJu8s3fPrZ%2BJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88342fbbffaf0e50-AMS
x-amz-id-2
TxxdW+Ny24pmJpansB9XM/LXduTfztAUqf/nr9J6rsukz3rwh5JRnkLqAvo/yZzZeAIe4N02Kuk=
hotjar-700264.js
static.hotjar.com/c/ 		9 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-700264.js?sv=6
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-51.fra56.r.cloudfront.net
Software
/
Resource Hash
bd884404c1bb5915f953c7f3e922982d6b26448a78a8b3445b15c2641aeb1115
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
x-content-type-options
nosniff
via
1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/725d601b52275eb0ad12cd3b1b718473
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
RjPxI9qkPJdmvoUGLZaqHqHuwXxpWQIbZpNuIcUjcfqWdO-bpnXBxw==
tracker.min.js
tracker.pensebig.com.br/scripts/ 		5 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.pensebig.com.br/scripts/tracker.min.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
169.55.209.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.d1.37a9.ip4.static.sl-reverse.com
Software
Microsoft-IIS/10.0 /
Resource Hash
95167664226c09c2a69097d4af4fb5e3e5c0f753d5f1a698845d5a4377211d76

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
br
last-modified
Tue, 23 Feb 2021 10:01:08 GMT
server
Microsoft-IIS/10.0
etag
"1d709cace4e5f0a"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400; persistir=1
aw.js
cdn.siteblindado.com/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.siteblindado.com/aw.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e70 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
6ee55ce73cc6f064f248d71356dfc718115c906839e9018eb9af78240a5f76db

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2024 23:22:12 GMT
server
istio-envoy
etag
"65fb6fa4-10ac"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
0
accept-ranges
bytes
content-length
1170
trustvox-selo.css
promo-quemdisseberenice.com/arquivos/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/arquivos/trustvox-selo.css?v=123
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvoERxExnmDccpQBTy454%2BXw04QVjoHKTfXdd7d1pTnurbk88ferJ68tr70hSMtPb8LhMATvq5M0nIf9zxSDkyz7l8iBXws4q3g%2B1%2FjCestb8BlNGyHy7esShhdowWlw%2FyouzVMmyl6qd%2BKpBEv0HcAyrWmVgM2HKL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
88342fb58d9f9fed-AMS
alt-svc
h3=":443"; ma=86400
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3VI4K9U9OSLU1GC5NK0&lib=ttq
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e9bcd4196c5a7fea7308ff49a3dbd2979ca38f86bd4e8d7f2c7d1141211282b4

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
1fd7d138.aaf33d18
date
Mon, 13 May 2024 16:57:16 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2405131657169F31C961C8F53EBB833D-6BA8701E1ABEC291-00
x-cache
TCP_MISS from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
120,104.126.37.158
server-timing
cdn-cache; desc=MISS, edge; dur=112, origin; dur=8, inner; dur=3
content-length
2014
pragma
no-cache
server
nginx
x-tt-logid
202405131657169F31C961C8F53EBB833D
x-cache-remote
TCP_MISS from a23-15-7-192.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.15.7.192
x-tt-trace-host
01e623bd4a1a6771e371d4afb544e9cc0b4525732b068c3e63166adabc622bbc0b83a450e8bb7a1de956006500c4c63ccce727e1eb928762a0dd368f22ed7da794aa979253c4c23484303c8faf053aaa383447ce358a6e3010838817fe871df4efe8d20caf7441cffdd09905476345b841
expires
Mon, 13 May 2024 16:57:16 GMT
aperture.js
cdn.perfdrive.com/aperture/ 		26 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: promo-quemdisseberenice.com
URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:13:04 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 13 May 2024 04:56:42 GMT
server
nginx/1.10.1
age
2649
etag
W/"66419d8a-6844"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7938
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Detalhe%20de%20Produto&el=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE_undefined&_u=6HDAAEADQAAAACAcI~&jid=174556059&gjid=1310710547&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1397833355
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Banner%20Tripa&el=Promo%20do%20Dia%20_cupom-AMOBOLSA&_u=6HDAAEADQAAAACAcI~&jid=14886963&gjid=1659954912&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1956062107
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Brinde&el=%3Cp%3EBrinde%20Maybelline%20Caixa%20Presente%C3%A1vel%20(Imagem%20ilustrativa)%20undefinedundefined%3C%2Fp%3E%3Cspan%3Eundefined%3C%2Fspan%3E&_u=6HDAAEADQAAAACAcI~&jid=2096417377&gjid=122559380&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=974958409
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=P%C3%A1gina%20de%20Produto&ea=Impress%C3%A3o%20Recomendados&el=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE_undefined&_u=6HDAAEADQAAAACAcI~&jid=1327456750&gjid=2031771256&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&pa=detail&pr1nm=Kit%20Especial%20Ludmila%20%26amp%3B%20MAYBELLINE&pr1pr=R%24%20186%2C90&pr1br=Maybelline&pr1ca=M%C3%A1scara%20para%20C%C3%ADlios&pr1ps=0&npa=1&z=1913537103
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=269861466524501&ev=ViewContent&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&rl=&if=false&ts=1715619436679&cd[content_ids]=%5Bnull%5D&cd[content_type]=product&cd[value]=186.9&cd[contents]=%5B%7B%22id%22%3Anull%2C%22quantity%22%3A1%2C%22item_price%22%3A%22186.9%22%7D%5D&cd[currency]=BRL&sw=1600&sh=1200&v=2.9.156&r=stable&ec=3&o=4126&fbp=fb.1.1715619435876.109357981&ler=empty&cdl=API_unavailable&it=1715619435754&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=26, rtx=0, c=10, mss=1294, tbw=3357, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 13 May 2024 16:57:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bg.png
s3-sa-east-1.amazonaws.com/frame-image-br/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3-sa-east-1.amazonaws.com/frame-image-br/bg.png?x-id=d27636b60c50ac7303b1234bd85271b3&x-r=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:16 GMT
Last-Modified
Thu, 04 May 2017 08:21:21 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:502/gname:staff/uname:user/gid:20/mode:33188/mtime:1493416832/atime:1493796970/md5:d41d8cd98f00b204e9800998ecf8427e/ctime:1493416832
x-amz-request-id
N8PQBAYA41MMWVSV
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
0
x-amz-id-2
9Gk6hhZsdc2KjOzJZqUuB4ZVQHMM+sHixjKPRKt1F+UyJkm7GXnGVegc1b1GrkBfOZ4WCKXEOUg=
catchtagGeralExata.php
standout.com.br/epocacosmeticos/ 		150 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://standout.com.br/epocacosmeticos/catchtagGeralExata.php?distributor=epocacosmeticos&sku=&url=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&action=PageView&variableValue=&browserName=Safari&browserVersion=14.1.2&geolocation=undefined&language=nl-NL&plataform=undefined&monitored=false&preco=&disponibilidade=0&bot=false
Requested by
Host: s3-sa-east-1.amazonaws.com
URL: https://s3-sa-east-1.amazonaws.com/assets.standout.com.br/js/script-standout-epocacosmeticos.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.229.209.188 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-209-188.sa-east-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d33c27df695e83eff233aa2586f666d4957ea94bed65fd2f3c62f75b4aaeb550

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:17 GMT
x-standout-cached
Yes
x-standout-cached-reload
No
server
Apache/2.4.38 (Debian)
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-standout-time
29.409885406494
access-control-allow-headers
Content-Type
content-length
150
x-request-processing-time
D=30371
__product.gif
c.btg360.com.br/ 		50 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.btg360.com.br/__product.gif?btgId=34:1&cookieBid=41ac31e8-709f-4ce5-9fd8-2ffcfc1d5d1b&url=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&rand=7054863773222708&email=&id=6152&name=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Lav%C3%A1vel%20Preto&price=43.9&department=Maquiagem&category=M%C3%A1scara%20para%20C%C3%ADlios&subcategory=&brand=Maybelline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
177.153.231.53 , Brazil, ASN27715 (Locaweb Servicos de Internet SA, BR),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips / ASP.NET
Resource Hash
36f31c1f33d0142aeb0c9991af345e4996eb53cb3ed1c8571e1dabcb05ea8adf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Mon, 13 May 2024 16:57:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 04 Jan 2004 22:22:22 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Age
51243
X-Powered-By
ASP.NET
Content-Type
image/gif
Cache-Control
no-cache=Set-Cookie, no-cache, private,proxy-revalidate
Connection
close
Content-Length
50
Expires
Sat, 31 Jul 1999 05:00:00 GMT
5061910.js
bat.bing.com/p/action/ 		4 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5061910.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c313eec4e95dde04ddcc53a36b3a6a2cc8920d7342347fbe9528c21c899bb178

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 92046B4CAD2D4E129E32FDF58B5A317C Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:14Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5061910&Ver=2&mid=51a1549c-d725-43af-8121-e77cb583c913&sid=da0389c0114911ef919c716a1fae3450&vid=da03afc0114911efbdeded80c73eabf8&vids=0&msclkid=N&pi=918639831&lg=nl-NL&sw=1600&sh=1200&sc=24&tl=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&p=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&r=&lt=3322&evt=pageLoad&sv=1&rn=627532
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 13 May 2024 16:57:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F8B876D0CF5A449686157DF5563702A5 Ref B: BRU30EDGE0519 Ref C: 2024-05-13T16:57:16Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
info
seal.siteblindado.com/v1/promo-quemdisseberenice.com/ 		26 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://seal.siteblindado.com/v1/promo-quemdisseberenice.com/info
Requested by
Host: cdn.siteblindado.com
URL: https://cdn.siteblindado.com/aw.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::214:8e59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
istio-envoy /
Resource Hash
086650f1f98acc74306206f2f32fe38f6101711b9ffbaa8664559ed92931418d

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
date
Mon, 13 May 2024 16:57:16 GMT
x-envoy-upstream-service-time
12
server
istio-envoy
content-length
26
content-type
application/json
catchtagGeralExata.php
standout.com.br/epocacosmeticos/ 		150 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://standout.com.br/epocacosmeticos/catchtagGeralExata.php?distributor=epocacosmeticos&sku=&url=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&action=PageView&variableValue=&browserName=Safari&browserVersion=14.1.2&geolocation=undefined&language=nl-NL&plataform=undefined&monitored=false&preco=&disponibilidade=0&bot=false
Requested by
Host: s3-sa-east-1.amazonaws.com
URL: https://s3-sa-east-1.amazonaws.com/assets.standout.com.br/js/script-standout-epocacosmeticos.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.229.209.188 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-209-188.sa-east-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d33c27df695e83eff233aa2586f666d4957ea94bed65fd2f3c62f75b4aaeb550

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:17 GMT
x-standout-cached
Yes
x-standout-cached-reload
No
server
Apache/2.4.38 (Debian)
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-standout-time
69.721937179565
access-control-allow-headers
Content-Type
content-length
150
x-request-processing-time
D=70703
main.js
chat-app.meudroz.com/iframe/ 		63 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/iframe/main.js?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=749336
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c02ad54dc396aa2e0bd9fecee4ea05461f1bc15ad6c752eb886458cf50bb91
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:48 GMT
server
cloudflare
etag
W/"64363-1713475908000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKYJFPMaFHXssWLwY%2BAR%2BuIGfJcsiCd7bhkBWghAA%2F3YaMHYF%2BHFxzQsWPiM3ehQLYSVseotDaOAOg1ntZMC7Y1htKGvCFE%2BLpFucDfo7tWVClm%2F%2FmEgtqAHQB5TiYyr76qzj1I6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb71f006643-AMS
priority
u=1,i=?0
5061910
www.clarity.ms/tag/uet/ 		843 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/5061910
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5061910.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ed4e7cc355fb537415da321a14652d9b37ad58040ba1bd2ca29b23ec8ab4bda

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

expires
-1
date
Mon, 13 May 2024 16:57:17 GMT
x-azure-ref
20240513T165716Z-1577bc5fdd5dxrn64qwqfptkdc000000040000000000hhf7
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
843
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
droz.css
chat-app.meudroz.com//v1/ 		10 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com//v1/droz.css?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47bb1e860b10c1705406bb14f24fe00ea5422b7cf9c83cb99f373095cd7fc8c1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6332
cf-polished
origSize=10056
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"10056-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2nu5kXd5LZuXqJasQxbBK4MOlP7l5I4ZU5UHYm8YJWqjyvRYDzFvcXkV6QQXQffJqqbM14OBwG8UcS9bReBMn39liVpJK0oM%2BG5pQAmKQtyz8ey7SBsWG2UysEIYq5N2tgeKB3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb5edce6643-AMS
priority
u=0,i=?0
css
fonts.googleapis.com/ 		6 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
437989feebcf325430945e4224d167e7660faa3f4f09c7330807f1d49031c405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:13 GMT
main-v1.css
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		31 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.css?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e7b26a6b26ac59880286ea3a557b4f1a64f81091dca9573f3748c1d70d7c1c9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Wed, 14 Apr 2021 19:06:50 GMT
Server
AmazonS3
x-amz-request-id
2APD9F3ERRDXTNSQ
ETag
"08c3ac04f0cac20811f3ccf85c43035a"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
32063
x-amz-id-2
ng7Zr/ZV887qZ8cStJsR5P2q9Jt2juTQm5yqLtrIzMK3pmxOlbjVZ+XOQCq5Q74vJdJUNubOyxc=
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 08:16:56 GMT
x-content-type-options
nosniff
age
549618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:16:56 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 07:45:36 GMT
x-content-type-options
nosniff
age
551498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:45:36 GMT
icon-minimized-20200918113245043-313.png
s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.165.80 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
406cb6f4517e483d3c94c50f38c4c291d3057c955a696685e97727edb75c5573

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:16 GMT
Last-Modified
Fri, 18 Sep 2020 14:32:46 GMT
Server
AmazonS3
x-amz-request-id
N8PK6E5MPR9EDX0N
ETag
"77696db7316beec9faa8a3ad481cc735"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1421
x-amz-id-2
H4ujMhlbezglhBVsXONaOWG8qwRwHwYL1j2t6vRLdUzMfCZ6XuBOSCpChULUxOHCVG29f8ijtoQ=
main.MWNkMWZjOGNjMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		431 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C3VI4K9U9OSLU1GC5NK0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
25c8e105aed1fd7c0e7869d4e5cdc896fc4f74a2e6a24428711da23557cb98d3

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-akamai-request-id
aaf3327a
date
Mon, 13 May 2024 16:57:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240509122017C6A3DA942D378CD1D659
x-tt-trace-id
00-240509122017C6A3DA942D378CD1D659-0B62F12BEBA5E9FA-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01962ca1e2245776b4610c8927232fc2114567e60f2a10616198c2fda75c67df31c81031e80bafc03a007b9bec2104bf830d5ce2202febecd0c7248b77de308d6d03cc20374a0280e6af819cf409c096d6b202c98d5ff3134a8d9b9c99f65aaa7a
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length
116266
main.js
chat-app.meudroz.com/iframe/ 		63 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/iframe/main.js?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=749336
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c02ad54dc396aa2e0bd9fecee4ea05461f1bc15ad6c752eb886458cf50bb91
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:48 GMT
server
cloudflare
etag
W/"64363-1713475908000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKYJFPMaFHXssWLwY%2BAR%2BuIGfJcsiCd7bhkBWghAA%2F3YaMHYF%2BHFxzQsWPiM3ehQLYSVseotDaOAOg1ntZMC7Y1htKGvCFE%2BLpFucDfo7tWVClm%2F%2FmEgtqAHQB5TiYyr76qzj1I6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb71f006643-AMS
priority
u=1,i=?0
droz.css
chat-app.meudroz.com//v1/ 		10 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com//v1/droz.css?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47bb1e860b10c1705406bb14f24fe00ea5422b7cf9c83cb99f373095cd7fc8c1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6332
cf-polished
origSize=10056
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"10056-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2nu5kXd5LZuXqJasQxbBK4MOlP7l5I4ZU5UHYm8YJWqjyvRYDzFvcXkV6QQXQffJqqbM14OBwG8UcS9bReBMn39liVpJK0oM%2BG5pQAmKQtyz8ey7SBsWG2UysEIYq5N2tgeKB3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb5edce6643-AMS
priority
u=0,i=?0
css
fonts.googleapis.com/ 		6 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
437989feebcf325430945e4224d167e7660faa3f4f09c7330807f1d49031c405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:13 GMT
main-v1.css
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		31 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.css?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e7b26a6b26ac59880286ea3a557b4f1a64f81091dca9573f3748c1d70d7c1c9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Wed, 14 Apr 2021 19:06:50 GMT
Server
AmazonS3
x-amz-request-id
2APD9F3ERRDXTNSQ
ETag
"08c3ac04f0cac20811f3ccf85c43035a"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
32063
x-amz-id-2
ng7Zr/ZV887qZ8cStJsR5P2q9Jt2juTQm5yqLtrIzMK3pmxOlbjVZ+XOQCq5Q74vJdJUNubOyxc=
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 08:16:56 GMT
x-content-type-options
nosniff
age
549618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:16:56 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 07:45:36 GMT
x-content-type-options
nosniff
age
551498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:45:36 GMT
icon-minimized-20200918113245043-313.pn
s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		0
0
c.gif
c.clarity.ms/ 		42 B
81 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:16 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
act
analytics.tiktok.com/api/v2/pixel/ 		0
845 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-162.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6d4fb931.aaf34222
date
Mon, 13 May 2024 16:57:17 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240513165717374D9557822C40B81CA6-11F24C7F6AD9A538-00
x-cache
TCP_MISS from a104-126-37-158.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time
134,104.126.37.158
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=51, inner; dur=45
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240513165717374D9557822C40B81CA6
x-cache-remote
TCP_MISS from a23-48-200-13.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
51,23.48.200.13
x-tt-trace-host
01e623bd4a1a6771e371d4afb544e9cc0b4525732b068c3e63166adabc622bbc0bb939952d87de05d0811652e414942a60fbca52eb04329267dd88881b864f83e2173bc9293e11d19663ec9965e54afddd0edf80f04b5f8ad841c05fcec1db44b730e600b1611c645e1c181341a80e9859
access-control-allow-headers
Authorization,*
expires
Mon, 13 May 2024 16:57:17 GMT
main.js
chat-app.meudroz.com/iframe/ 		63 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com/iframe/main.js?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/v1/droz.js?i=9d8ec964788d7819cdac497969b23b0cf0ed73ce&u=https://chat-app.meudroz.com&v=749336
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c02ad54dc396aa2e0bd9fecee4ea05461f1bc15ad6c752eb886458cf50bb91
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:14 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 18 Apr 2024 21:31:48 GMT
server
cloudflare
etag
W/"64363-1713475908000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vKYJFPMaFHXssWLwY%2BAR%2BuIGfJcsiCd7bhkBWghAA%2F3YaMHYF%2BHFxzQsWPiM3ehQLYSVseotDaOAOg1ntZMC7Y1htKGvCFE%2BLpFucDfo7tWVClm%2F%2FmEgtqAHQB5TiYyr76qzj1I6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb71f006643-AMS
priority
u=1,i=?0
droz.css
chat-app.meudroz.com//v1/ 		10 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat-app.meudroz.com//v1/droz.css?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47bb1e860b10c1705406bb14f24fe00ea5422b7cf9c83cb99f373095cd7fc8c1
Security Headers
Name Value
Content-Security-Policy default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-security-policy
default-src *; font-src *;img-src * data:; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; frame-ancestors *
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6332
cf-polished
origSize=10056
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
minify
last-modified
Thu, 18 Apr 2024 21:31:50 GMT
server
cloudflare
etag
W/"10056-1713475910000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KU2nu5kXd5LZuXqJasQxbBK4MOlP7l5I4ZU5UHYm8YJWqjyvRYDzFvcXkV6QQXQffJqqbM14OBwG8UcS9bReBMn39liVpJK0oM%2BG5pQAmKQtyz8ey7SBsWG2UysEIYq5N2tgeKB3QA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2073600
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
cf-ray
88342fb5edce6643-AMS
priority
u=0,i=?0
css
fonts.googleapis.com/ 		6 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
437989feebcf325430945e4224d167e7660faa3f4f09c7330807f1d49031c405
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 13 May 2024 16:57:13 GMT
main-v1.css
s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		31 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s3-sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/main-v1.css?v=547064
Requested by
Host: chat-app.meudroz.com
URL: https://chat-app.meudroz.com/iframe/main.js?v=547064
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
16.12.0.84 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e7b26a6b26ac59880286ea3a557b4f1a64f81091dca9573f3748c1d70d7c1c9

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 13 May 2024 16:57:15 GMT
Last-Modified
Wed, 14 Apr 2021 19:06:50 GMT
Server
AmazonS3
x-amz-request-id
2APD9F3ERRDXTNSQ
ETag
"08c3ac04f0cac20811f3ccf85c43035a"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
32063
x-amz-id-2
ng7Zr/ZV887qZ8cStJsR5P2q9Jt2juTQm5yqLtrIzMK3pmxOlbjVZ+XOQCq5Q74vJdJUNubOyxc=
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 08:16:56 GMT
x-content-type-options
nosniff
age
549618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:16:56 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 		11 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://promo-quemdisseberenice.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 May 2024 07:45:36 GMT
x-content-type-options
nosniff
age
551498
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:45:36 GMT
icon-minimized-20200918113245043-313.p
promo-quemdisseberenice.com/quiz-maybe/premio/s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/ 		289 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://promo-quemdisseberenice.com/quiz-maybe/premio/s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.p
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F6avX%2BJu4vZva8ExW%2FPX93Q13wDIA%2FilnNzNoGuF7DfGA99fYX1nFWjKsjN8x4HCbLxTpwu%2Fjvz%2BcJySo%2Fgjg1jZGHS98fL7p5mwLwip2JrIhURYD2OySiATe13b%2BNxLI7eZeYpksMAv5qUleX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fca28179fc4-AMS
alt-svc
h3=":443"; ma=86400
catchtagGeralExata.php
standout.com.br/epocacosmeticos/ 		150 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://standout.com.br/epocacosmeticos/catchtagGeralExata.php?distributor=epocacosmeticos&sku=&url=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&action=PageView&variableValue=&browserName=Safari&browserVersion=14.1.2&geolocation=undefined&language=nl-NL&plataform=undefined&monitored=false&preco=&disponibilidade=0&bot=false
Requested by
Host: s3-sa-east-1.amazonaws.com
URL: https://s3-sa-east-1.amazonaws.com/assets.standout.com.br/js/script-standout-epocacosmeticos.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.229.209.188 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-229-209-188.sa-east-1.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
d33c27df695e83eff233aa2586f666d4957ea94bed65fd2f3c62f75b4aaeb550

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 13 May 2024 16:57:17 GMT
x-standout-cached
Yes
x-standout-cached-reload
No
server
Apache/2.4.38 (Debian)
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-standout-time
37.508964538574
access-control-allow-headers
Content-Type
content-length
150
x-request-processing-time
D=38220
favicon.ico
epocacosmeticos.vteximg.com.br//arquivos/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br//arquivos/favicon.ico?v=636953410385330000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
2e9de09d2fc34136af669b078c428ca0244a1bcdcd17fbf7d165aa888f945f0a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 16:57:17 GMT
x-vtex-cache-server
apicache5
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 08 Dec 2022 17:45:16 GMT
x-cache
Miss from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
2020
x-vtex-cache-time
0.001
last-modified
Wed, 05 Jun 2019 14:17:26 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
mbbBU_dKdefvoPGSmtmrSY7u97hxU8Z1Y21zjMlnDUZ82wHXJky7BA==
favicon.ico
epocacosmeticos.vteximg.com.br/arquivos/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br/arquivos/favicon.ico?v=636953410385330000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
2e9de09d2fc34136af669b078c428ca0244a1bcdcd17fbf7d165aa888f945f0a

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 06:30:16 GMT
x-vtex-cache-server
apicache5
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
age
152285
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 08 Dec 2022 17:45:16 GMT
x-cache
Hit from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
2020
x-vtex-cache-time
0.000
last-modified
Wed, 05 Jun 2019 14:17:26 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
zE1K65UpnMeD_7W4MjLO63XU0nTruZRppBAaBrhuU8s4AcVTZ5zN9w==
favicon-32.png
epocacosmeticos.vteximg.com.br//arquivos/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://epocacosmeticos.vteximg.com.br//arquivos/favicon-32.png?v=636953410363230000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.7.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-28.fra56.r.cloudfront.net
Software
/
Resource Hash
b6f3468a19d943ec9fb9aff4a1327fe8071461768623794fe3ff897c49815e75

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-vtex-apicache-time
388800
date
Mon, 13 May 2024 16:57:18 GMT
x-vtex-cache-server
apicache11
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-vtex-processed-at
Thu, 08 Dec 2022 17:04:08 GMT
x-cache
Miss from cloudfront
x-vtex-janus-router-backend-app
prtarq-v1.48.2+1482
alt-svc
h3=":443"; ma=86400
content-length
1592
x-vtex-cache-time
0.001
last-modified
Wed, 05 Jun 2019 14:17:24 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=345600
x-powered-by-vtex-cache
2.3.2
x-vtex-cache-status-janus-apicache
HIT
x-amz-cf-id
xZLOIuh4d7z-SFju7G7TftFkVAfqqum-ah3R3Q1Qnikt603aROKL1A==
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
639 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pG5siwFuF3DWMrt6i5wUY2MQYsX7hU8J5uTy8sG14TrK9olOvj%2FuHvAHHRbcRbWbUf8ElwAYds4hzbaCionxD0d2T5yE3F%2F31rjzr06Z3SSGfBCuJqxxyJdcXixSLZMBeI7UV2FmPZ4n2V8%2FdOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fd379939fc4-AMS
alt-svc
h3=":443"; ma=86400
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fD3rgKKE55xfa0FlTdJ4cMGSFFt01UnSeRqMB47h7Y8ZRK%2BRgAbs4B8A%2FAV2OFbDDN5vS6fYCS1QvjSiRJvLvYbjAF45%2BVnyURnH5WalNugj5xN2qH9ZkLfND%2FkzQ3r8P46%2B09sZgDRH%2FFA8s7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fd50c3e9fc4-AMS
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2019370462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=promoView&el=banner%20PDP&_u=6HDAAEADQAAAACAcI~&jid=463852319&gjid=776775741&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&_r=1&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&promo1nm=banner&promo1cr=banner.png&npa=1&z=45895219
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2019370462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=promoView&el=banner%20PDP&_u=6HDAAEADQAAAACAcI~&jid=&gjid=&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&promo1nm=banner&promo1cr=banner.png&npa=1&z=1555471472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 12:20:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16585
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2019370462&t=event&ni=0&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=promoView&el=banner%20PDP&_u=6HDAAEADQAAAACAcI~&jid=&gjid=&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&promo1nm=banner&promo1cr=banner.png&npa=1&z=230590188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 12:20:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16586
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
orderForm
promo-quemdisseberenice.com/api/checkout/pub/ 		289 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Requested by
Host: io.vtex.com.br
URL: https://io.vtex.com.br/front-libs/jquery/1.8.3/jquery-1.8.3.min.js?v=1.0.0.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://promo-quemdisseberenice.com/quiz-maybe/premio/
X-Requested-With
XMLHttpRequest
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 13 May 2024 16:57:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbJw7F%2FIZfFPHvqYjw2%2FelDq2ht0qThWmm%2FjskwqzN2sUcjDq%2F%2FaUc4NsADW1gvV7lkdgEWGPM%2F6Qv6%2B%2BTuw82E7ouwR5nuVQnWXKbr47ZTv6hYzhto2nZUQ8ToFThwrgHp91R36sMKzcBn%2F6cE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cf-ray
88342fda8d3e9fc4-AMS
alt-svc
h3=":443"; ma=86400
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G20C9N71BZ&gtm=45je4580v877287869z8850186639za200&_p=1715619433916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=YA&uid=&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&_s=2&tfd=6571
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G20C9N71BZ&gtm=45je4580v877287869z8850186639za200&_p=1715619433916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=3&uid=&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&en=view_item_list&_c=1&pr1=id6154~nmM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Super%20Filme~pr43.9~brMaybelline~lnLeve%20junto%20%3A)~lpNaN&pr2=id6153~nmM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20%C3%A0%20Prova%20D%27%C3%A1gua~pr45~brMaybelline~lnLeve%20junto%20%3A)~lpNaN&tfd=6571
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&cu=BRL&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Impress%C3%A3o%20Vitrine&el=Leve%20junto%20%3A)&ev=0&_u=6HDAAEADQAAAACAcI~&jid=&gjid=&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&il1nm=Leve%20junto%20%3A)&il1pi1nm=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Super%20Filme&il1pi1id=6154&il1pi1pr=43.9&il1pi1br=Maybelline&il1pi1ps=NaN&il1pi2nm=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20%C3%A0%20Prova%20D%27%C3%A1gua&il1pi2id=6153&il1pi2pr=45&il1pi2br=Maybelline&il1pi2ps=NaN&npa=1&z=864237257
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 12:20:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16586
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G20C9N71BZ&gtm=45je4580v877287869z8850186639za200&_p=1715619433916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=YA&_s=4&uid=&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&en=view_promotion&pr1=cnbanner.png~pibanner~pnbanner&_et=16&tfd=6593
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G20C9N71BZ&gtm=45je4580v877287869z8850186639za200&_p=1715619433916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=5&uid=&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&en=view_item_list&_c=1&pr1=id6154~nmM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Super%20Filme~pr43.9~brMaybelline~lnLeve%20junto%20%3A)~lpNaN&pr2=id6153~nmM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20%C3%A0%20Prova%20D%27%C3%A1gua~pr45~brMaybelline~lnLeve%20junto%20%3A)~lpNaN&_et=1&tfd=6593
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&cu=BRL&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Impress%C3%A3o%20Vitrine&el=Leve%20junto%20%3A)&ev=0&_u=6HDAAEADQAAAACAcI~&jid=&gjid=&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&il1nm=Leve%20junto%20%3A)&il1pi1nm=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Super%20Filme&il1pi1id=6154&il1pi1pr=43.9&il1pi1br=Maybelline&il1pi1ps=NaN&il1pi2nm=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20%C3%A0%20Prova%20D%27%C3%A1gua&il1pi2id=6153&il1pi2pr=45&il1pi2br=Maybelline&il1pi2ps=NaN&npa=1&z=470846020
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 12:20:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16586
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B0521B3853&gtm=45je4580v9115668478za200&_p=1715619433916&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&_s=2&tfd=7190
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B0521B3853&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://promo-quemdisseberenice.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G20C9N71BZ&gtm=45je4580v877287869z8850186639za200&_p=1715619433916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_eu=YA&_s=6&uid=&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&en=view_promotion&pr1=cnbanner.png~pibanner~pnbanner&_et=746&tfd=7344
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-G20C9N71BZ&gtm=45je4580v877287869z8850186639za200&_p=1715619433916&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1635439330.1715619435&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=7&uid=&sid=1715619435&sct=1&seg=0&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&en=view_item_list&_c=1&pr1=id6154~nmM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Super%20Filme~pr43.9~brMaybelline~lnLeve%20junto%20%3A)~lpNaN&pr2=id6153~nmM%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20%C3%A0%20Prova%20D%27%C3%A1gua~pr45~brMaybelline~lnLeve%20junto%20%3A)~lpNaN&tfd=7344
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G20C9N71BZ&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 16:57:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://promo-quemdisseberenice.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2019370462&t=event&ni=1&cu=BRL&_s=1&dl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F&ul=nl-nl&de=UTF-8&dt=Kit%20Maybelline%20Colossal%20Age%20Rewind%20Matte%20Ink%20%E2%80%93%20M%C3%A1scara%20de%20C%C3%ADlios%20%2B%20Corretivo%20%2B%20Batom%20-%20%C3%89poca%20Cosm%C3%A9ticos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Enhanced%20Ecommerce&ea=Impress%C3%A3o%20Vitrine&el=Leve%20junto%20%3A)&ev=0&_u=6HDAAEADQAAAACAcI~&jid=&gjid=&cid=1635439330.1715619435&tid=UA-2774154-1&_gid=1983990534.1715619435&gtm=45He4580n81PXJPWLPv78349010za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&il1nm=Leve%20junto%20%3A)&il1pi1nm=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20Super%20Filme&il1pi1id=6154&il1pi1pr=43.9&il1pi1br=Maybelline&il1pi1ps=NaN&il1pi2nm=M%C3%A1scara%20de%20C%C3%ADlios%20Maybelline%20The%20Colossal%20Volum%27%20Express%20%C3%A0%20Prova%20D%27%C3%A1gua&il1pi2id=6153&il1pi2pr=45&il1pi2br=Maybelline&il1pi2ps=NaN&npa=1&z=129257076
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Mon, 13 May 2024 12:20:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
16587
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
h.gif
event.syndigo.cloud/event/ 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.syndigo.cloud/event/h.gif?u=95747D42-119F-4179-A2D5-3D688E4B590E&siteid=42d4ffdb-629b-4589-8de5-89db87ce4a34&pageid=6152&s=1715619436042&v=v1.0.439&visitid=D46E3568-CD73-4E36-8790-35A7CC1FA237&t=6&dt=5.993&ref=&r=0.2638942522662724&pageurl=https%3A%2F%2Fpromo-quemdisseberenice.com%2Fquiz-maybe%2Fpremio%2F
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://promo-quemdisseberenice.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

x-cache-hits
27, 24367
x-ms-blob-type
BlockBlob
date
Mon, 13 May 2024 16:57:22 GMT
via
1.1 varnish, 1.1 varnish
content-md5
3z5WfW8W0EAybHoOoppPQQ==
age
434710
x-ms-server-encrypted
true
x-cache
HIT, HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-ms-lease-state
available
x-served-by
cache-den8276-DEN, cache-ams21046-AMS
x-ms-lease-status
unlocked
x-ms-creation-time
Mon, 24 Aug 2020 21:14:54 GMT
last-modified
Wed, 08 May 2024 16:12:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-timer
S1715619442.047983,VS0,VE0
etag
"0x8DC6F799E738AB0"
content-type
image/gif
access-control-allow-origin
*
x-ms-request-id
b68665d1-b01e-00f3-1b62-a1af86000000
cache-control
max-age=31536000
x-ms-version
2021-12-02
accept-ranges
bytes
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-PINGOTHER, Range
expires
Tue, 13 May 2025 16:57:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.percycle.com
URL
http://static.percycle.com/epocacosmeticos/g.js
Domain
s3.sa-east-1.amazonaws.com
URL
s://s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.pn

Verdicts & Comments Add Verdict or Comment

506 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 string| GoogleAnalyticsObject function| ga object| dataLayer object| ssTimeLogs object| BrowserStyle string| j object| SSJSConnectorObj function| ssJSActionTaker function| ssJSConnWriteCookies object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| html5 object| Modernizr string| jscheckoutUrl string| jscheckoutAddUrl string| jscheckoutGiftListId string| jsnomeSite string| jsnomeLoja string| jssalesChannel string| defaultStoreCurrency object| localeInfo object| vtxctx function| $ function| jQuery object| swfobject object| Class object| Namespace function| addSeparators function| GetCartAddLink function| RenderExtensionLoader function| _toArray function| _iterableToArray function| _slicedToArray function| _nonIterableRest function| _unsupportedIterableToArray function| _arrayLikeToArray function| _iterableToArrayLimit function| _arrayWithHoles object| vtex object| NavigationCapture function| _typeof function| _regeneratorRuntime function| vtexTagManagerHelper function| eventData object| jQuery183016940613102359325 object| _ string| currencySymbol object| currencyFormat string| groupSeparator string| decimalSeparator number| decimalDigits number| groupSize boolean| startsWithCurrencySymbol object| dust object| CATALOG_SDK function| AjaxQueue object| vtexjs object| vtexid string| vtexIdVersion function| Cookies object| EVENT_HISTORY function| ProductComponent string| ___scriptPath string| ___scriptPathTransac string| defaultUtmFromFolder object| adobeDataLayer object| helper object| skuJson_1 object| skuJson_2 object| skuJson_3 object| skuJson boolean| hasMobileFirstExtension boolean| droz_account_status number| timeReturnChatTransferConfig string| droz_position string| droz_position_desktop string| droz_position_mobile string| droz_skin string| droz_token number| prechat_typing_delay number| prechat_open_delay string| nlpNotFoundVariable string| nlpPlaceholder string| feedbackNlpMessage string| feedbackNlp boolean| start_fullscreen boolean| is_hoverable boolean| header_btn_close boolean| header_btn_minimize boolean| header_btn_maximize boolean| has_dialogbox_desktop boolean| has_dialogbox_mobile string| dialogbox_text_desktop string| dialogbox_text_mobile boolean| layout_updated boolean| has_chat_boticon boolean| has_chat_usericon string| icon_minimized string| icon_minimized_mobile boolean| is_hoverable_mobile string| icon_minimized_hover string| icon_minimized_hover_mobile boolean| minimized_img_only boolean| minimized_img_only_mobile boolean| header_btns_inverted_color boolean| has_footer boolean| has_online_description boolean| expand_screensize boolean| droz_minimized_hide_text boolean| allows_extra_attachments string| feedbackNlpNegativeMessage object| botLanguages string| defaultBotLanguage object| RR object| tvt string| distributor string| codigoEmbed object| sku string| preco number| disponibilidade string| url string| urlNew function| StandoutJS function| catchProductData function| standoutMensageria function| hideZopim function| logZopim function| drozAddCssInHead function| buildDrozInputsParameters function| buildDrozFullscreenParameters function| drozBuildUrlIframe function| drozShowOpenButton function| drozHideOpenButton function| drozShowWindow function| drozCloseWindow function| drozMinimizeChat function| drozOnClickCloseButton function| drozOnClickCloseButtonFullscreen function| drozBrothersInit function| drozBrothersResetSizeOriginal function| drozBrothersTitleOpenOrClose function| drozBrothersResetStyle function| addZopimWidgetOnPage function| addSalesforceChatWidgetOnPage function| addMovideskChatWidgetOnPage function| addNeoassistChatWidgetOnPage function| activateZopimDeprecated function| activateSalesforceChat function| activateZopim function| activateMovidesk function| activateNeoassist function| callZopim function| verifyTimerEventListener boolean| customParamsFullscreen string| customer_key number| typing_delay number| open_delay string| button_model string| button_text string| droz_position_class boolean| animate_window boolean| droz_zendesk_chat string| origin_domain object| animation_prop boolean| watsontype boolean| watsonRedirectUrl boolean| watsonuser boolean| watsonAssistantUrl string| defaultBotLanguageParams object| botLanguagesParams string| prechat_url string| zopimStatus string| baseStyle object| drozScriptParams string| drozEnviromentFolder function| init_window_onpage boolean| zopim_integration function| $droz object| gaplugins function| getCookie function| incrementUserId function| retiraAcento function| commonsdesktop object| cd object| _hamburger object| _login object| _depMenu object| _catMenu object| _linkDireto object| _footerMenu object| _sacola object| _footerList object| _socialList object| _fechaMsgtop string| _bodyClass string| type object| exdate string| c_value function| cookieSmartbmc function| cookieMedium function| cookieUtmContent function| cookieUtmCampaign function| cookieZanpid object| s object| google_tag_manager object| google_tag_data function| meliuzCookie number| expirationTime function| _setCookieUtmSession string| urlSearch object| urlParams object| utm_content object| utm_medium object| utm_source object| utmi_cp object| utm_campaign number| $_productId string| $_productName string| $_productImage object| _trustvox string| rr_v boolean| rr_onload_called object| rr_placements object| rr_placement_place_holders function| rr_addLoadEvent function| rr_create_script function| r3_generic function| r3_home function| r3_error function| r3_personal function| r3_brand function| r3_item function| r3_category function| r3_cart function| r3_addtocart function| r3_purchased function| r3_search function| r3_wishlist function| r3_addtoregistry function| r3_common function| r3_placement function| r3 function| rr_flush_onload function| rr_flush function| rr_insert_placement object| PFTX object| notifyMeOptions object| _trustvox_shelf_rate function| _lc function| tooltip function| paste function| select_all_and_copy function| make_copy_button object| __bsd object| __blc object| lc object| base64 boolean| __bid function| TrackCall function| tb_init function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF function| BindImpersonationMailValidate function| ImpersonationMailValidate function| BindImpersonationSearchClick function| BindImpersonationContentClick function| BindImpersonationConfirmClick function| BindImpersonationCloseClick function| BindImpersonationLogoutClick number| impersonationCount undefined| impersonationCounter function| RedirectTimer function| SendImpersonateUserToCheckout function| LoadOn function| VT__Run function| LoadContentInTag function| GetQueryString function| MakeOriginalCaseToAttrName function| otherPaymentMethod_OnSkuDataReceived object| Vtex string| skuSelectionChangedEventName string| skuDataReceivedEventName string| skuImageRelatedSpecSelectedEventName object| ListSkuData object| skuSelectionChanged object| skuDataReceived object| skuImageRelatedSpecSelected object| skuEventDispatcher function| FireSkuSelectionChanged function| FireSkuDataReceived function| FireSkuChangeImage function| force object| skuDataFetcherListener function| SkuDataFetcher_OnSkuSelectionChanged function| getSkuData function| showSkuName object| rtbhEvents function| onYouTubeIframeAPIReady function| postscribe object| google_tag_manager_external object| gaGlobal object| gaData function| pintrk function| UET function| UET_init function| UET_push object| DataLayer object| ___RMCMPW object| cti126194 number| 2f1acc6c3a606b082e5eef5e54414ffb object| core object| _trustvox_initializer object| _trustvox_sincero_attributes object| _trustvox_repro function| gtag object| _trustvox_app function| clarity object| Criteo object| criteo_q object| uetq object| regeneratorRuntime object| __$$GLOBAL_REWIRE_REGISTRY__ function| __rewire_reset_all__ object| RMJS object| rr_myrecs_p string| rr_remote_data object| rr_recs object| rr_dynamic function| rr_call_after_flush object| hjSiteSettings function| hj function| hjBootstrap object| hjLazyModules object| __rmcp2 function| setAccount function| add function| debug function| findCookieBid object| Btg360 number| qdtMarcas object| prechat_inputs object| dmcBtn string| productName string| criteo__visitorInfo string| criteo_email string| deviceType string| pageId object| buyButton string| href object| params object| search object| __sku string| customerId string| ga_session undefined| items undefined| commertialOffer undefined| price undefined| available undefined| pixMethod object| HLLibrary undefined| droz_ibm_watson_url undefined| droz_ibm_watson_token undefined| droz_ibm_watson_auth undefined| droz_ibm_watson_redirect_url undefined| droz_ibm_watson_assistant_url function| drozAddScriptInHead function| drozAddDivInBody function| drozInstallScript function| drozRemoveScript function| drozAddJqueryIfNecessary function| drozGetScriptParams function| drozGetEnviromentFolder string| prechat_base_url function| drozAddModalZoomImage function| drozAddModalExternalLink function| setVariableForToken string| prechat_customer_key function| installMainScript function| AviseMe object| aviseme string| _my_version object| GTMEPC string| globalClassName function| fInit object| script undefined| clarityuetq object| ueto_0bc6209e21 object| skuId string| vl_prodct object| _contents function| fbq function| _fbq object| _hjSettings function| impressaoIntBlog string| tkClient function| freteGa object| Webcollage string| hostname string| app_path string| urlAw object| languagesAw function| insertSealAw function| sealConditionAw function| xmlGetAw undefined| t undefined| a undefined| n function| FuncoesDeImpressao function| FuncoesDeClick function| FuncoesDeCabelo string| u string| TiktokAnalyticsObject object| ttq object| $_btnBuy string| skuSelecionado undefined| skuInfoView undefined| content_name_view undefined| objView function| ssConf object| skus object| skusOrdenados number| precoMaisBarato object| _btdData object| hjBootstrapCalled string| id object| SYNDI object| _vv undefined| adcPurch undefined| adcPurchItem undefined| adcShipping string| adcPixel string| adCoreSignature object| adcBase64 object| adcCookie function| adcParameter function| adcDevice function| adCoreUtilReferrer function| adcReferrer undefined| bigclid undefined| adcSubmit undefined| view undefined| adcViewPixel undefined| conversion undefined| purchase undefined| adcPurchPixel function| TiktokJelly object| _jelly_sdks object| percycleAds string| currentUrlPercycle object| ueto_d1a10f77a9 string| l2 object| _shelfItemSlide object| _shelfItem number| _qtdItens

43 Cookies

Domain/Path Name / Value
.promo-quemdisseberenice.com/ Name: __ssds
Value: 2
.promo-quemdisseberenice.com/ Name: __ssuzjsr2
Value: a9be0cd8e
.promo-quemdisseberenice.com/ Name: VtexRCSessionIdv7
Value: d023860f-d45b-4c89-8d8e-daf0afa11a9e
.promo-quemdisseberenice.com/ Name: VtexRCMacIdv7
Value: f90aed19-a827-4a5c-8b89-e83a45f20a4c
promo-quemdisseberenice.com/ Name: versionType
Value: m
.tiktok.com/ Name: _ttp
Value: 2gQATQHKooJfiI14rNdhXgf6C1V
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.promo-quemdisseberenice.com/ Name: _gid
Value: GA1.2.1983990534.1715619435
promo-quemdisseberenice.com/ Name: ogconversion
Value: [null]
.bing.com/ Name: MUID
Value: 22A32BE7B4D96AFF1A583F99B5B56BFF
.linksynergy.com/ Name: rmuid
Value: 28ea9edb-935a-4c6a-aae2-de9664ecc07d
www.clarity.ms/ Name: CLID
Value: e0af67856726431c88739358f2d05db4.20240513.20250513
.promo-quemdisseberenice.com/ Name: _gat
Value: 1
.promo-quemdisseberenice.com/ Name: _pin_unauth
Value: dWlkPU5qa3hPR0U1WkRndE5UUmtOeTAwTWpVMkxXSTJaREV0TW1SaFlUSmtOVFF5TVRJNA
.criteo.com/ Name: uid
Value: 0f968abe-9681-4a49-8c27-8a131f330692
.promo-quemdisseberenice.com/ Name: cto_bundle
Value: 4JSe4V85d3ZnU2JuRHJBRHoyQkRkN3k2aXJHdjdvdmdRV1lSbDFESFQ5NjFhRG03aVROSWRGbjlab3p3dU44a0QyJTJCQVRxemN0TExaczg1QmNEM2RYZGszWkNuWjNUOWk3YXNaWjc5VjhJSXJ0SE5JWktTS010alJSeSUyRjJ5Unk2JTJGY0tBTkh4akVoOWclMkJ0dW5NMjdzMXhoRlJPUDBoNk44bWtZc3ZkOGxDTTJvVWEyYyUzRA
.promo-quemdisseberenice.com/ Name: __bid
Value: 41ac31e8-709f-4ce5-9fd8-2ffcfc1d5d1b
promo-quemdisseberenice.com/ Name: _vv_source
Value: direct
promo-quemdisseberenice.com/ Name: _vv_deduplication
Value: false
.promo-quemdisseberenice.com/ Name: _tt_enable_cookie
Value: 1
.promo-quemdisseberenice.com/ Name: _ttp
Value: 3rDw2-liFxUnAM8Ojk6PzErCLQh
.promo-quemdisseberenice.com/ Name: _fbp
Value: fb.1.1715619435876.109357981
.bing.com/ Name: MSPTC
Value: cyzQYGT9kgM_HLH2V0tUvlr52DNrg1nxqoTDUMZ5fx8
.promo-quemdisseberenice.com/ Name: _hjSessionUser_700264
Value: eyJpZCI6IjhmMmQ1Mzc2LTIxNWUtNTI1YS1hYmNkLTc5NzE0ZDQxYjZlOCIsImNyZWF0ZWQiOjE3MTU2MTk0MzU5NTcsImV4aXN0aW5nIjpmYWxzZX0=
.promo-quemdisseberenice.com/ Name: _hjSession_700264
Value: eyJpZCI6IjNmODk5OGUxLWI2ZGYtNGUzNi1iNWEyLWE2NDA5YzYyMjJhNiIsImMiOjE3MTU2MTk0MzU5NTgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.promo-quemdisseberenice.com/ Name: _ga_B0521B3853
Value: GS1.1.1715619435.1.0.1715619435.0.0.0
.promo-quemdisseberenice.com/ Name: _gcl_au
Value: 1.1.349169782.1715619435.1944058580.1715619436.1715619436
promo-quemdisseberenice.com/ Name: __rtbh.lid
Value: %7B%22eventType%22%3A%22lid%22%2C%22id%22%3A%22CXIFkcegldVpu1wXa09C%22%7D
.api-ads.percycle.com/ Name: uid
Value: c4e1a6ed-a335-46ce-8e4b-2ea77e515a37
.creativecdn.com/ Name: g
Value: uiEMDpb4lZ0576zqmXKq_1715619436529
.creativecdn.com/ Name: c
Value: uiEMDpb4lZ0576zqmXKq_MdhW45gp5T3Lc9HKO0hl_1715619436529
.creativecdn.com/ Name: ts
Value: 1715619436
.promo-quemdisseberenice.com/ Name: _uetsid
Value: da0389c0114911ef919c716a1fae3450
.promo-quemdisseberenice.com/ Name: _uetvid
Value: da03afc0114911efbdeded80c73eabf8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 22A32BE7B4D96AFF1A583F99B5B56BFF
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 22A32BE7B4D96AFF1A583F99B5B56BFF
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.promo-quemdisseberenice.com/ Name: _ga
Value: GA1.2.1635439330.1715619435
.promo-quemdisseberenice.com/ Name: _gat_UA-2774154-1
Value: 1
.promo-quemdisseberenice.com/ Name: _ga_G20C9N71BZ
Value: GS1.1.1715619435.1.0.1715619440.55.0.0

118 Console Messages

Source Level URL
Text
network error URL: https://promo-quemdisseberenice.com/arquivos/trustvox-selo.css?v=123
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/no-cache/profileSystem/getProfile
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2721)
Message:
Origin trial controlled feature not enabled: 'join-ad-interest-group'.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/api/catalog_system/pub/products/variations/49436
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2736)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2736)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2739)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/api/vtexid/pub/authenticated/user
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2765)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2776)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2776)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2776)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2776)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2863)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2915)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/(Line 2947)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/269861466524501?v=2.9.156&r=stable&domain=promo-quemdisseberenice.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://promo-quemdisseberenice.com/arquivos/trustvox-selo.css?v=123
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/api/catalog_system/pub/products/search?fq=skuId:undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/Site/Track.aspx?referrer=
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://seal.siteblindado.com/v1/promo-quemdisseberenice.com/info
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://seal.siteblindado.com/v1/promo-quemdisseberenice.com/info
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/no-cache/user/welcome?&h=1715619435903
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/api/sessions/files/client.js?_=1715619435903
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/no-cache/callcenter/disclaimer?&h=1715619435903
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.p
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXJPWLP(Line 731)
Message:
Mixed Content: The page at 'https://promo-quemdisseberenice.com/quiz-maybe/premio/' was loaded over HTTPS, but requested an insecure script 'http://static.percycle.com/epocacosmeticos/g.js'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://promo-quemdisseberenice.com/arquivos/trustvox-selo.css?v=123
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://seal.siteblindado.com/v1/promo-quemdisseberenice.com/info
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: s://s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.pn
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/s3.sa-east-1.amazonaws.com/chatbot-droz/chatbot-droz-prod/attachment/9d8ec964788d7819cdac497969b23b0cf0ed73ce/icon-minimized-20200918113245043-313.p
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://promo-quemdisseberenice.com/quiz-maybe/premio/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://promo-quemdisseberenice.com/api/checkout/pub/orderForm?refreshOutdatedData=true
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5454431.fls.doubleclick.net
activity-flow.vtex.com
af-origin.vtex.com
analytics.tiktok.com
api-ads.percycle.com
bat.bing.com
c.bing.com
c.btg360.com.br
c.clarity.ms
cdn.perfdrive.com
cdn.richrelevance.com
cdn.siteblindado.com
chat-app.meudroz.com
collect.vendavalida.com.br
connect.facebook.net
consent.linksynergy.com
content.syndigo.com
ct.pinterest.com
d.criteo.com
dynamic.criteo.com
epocacosmeticos.vteximg.com.br
event.syndigo.cloud
fonts.googleapis.com
fonts.gstatic.com
google.com
googleads.g.doubleclick.net
gum.criteo.com
i.btg360.com.br
io.vtex.com.br
media.richrelevance.com
promo-quemdisseberenice.com
rate.trustvox.com.br
recs.richrelevance.com
region1.analytics.google.com
region1.google-analytics.com
s.pinimg.com
s3-sa-east-1.amazonaws.com
s3.sa-east-1.amazonaws.com
scontent.webcollage.net
script.hotjar.com
seal.siteblindado.com
standout.com.br
static.criteo.net
static.hotjar.com
static.percycle.com
static.trustvox.com.br
stats.g.doubleclick.net
syndi.webcollage.net
tag.rmp.rakuten.com
tags.creativecdn.com
td.doubleclick.net
tracker.pensebig.com.br
trustvox.com.br
us.creativecdn.com
vtex.vtexassets.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.hlserve.com
s3.sa-east-1.amazonaws.com
static.percycle.com
104.126.37.162
108.138.7.28
13.32.27.21
13.32.27.72
130.211.29.114
142.250.184.194
142.250.184.198
142.250.185.98
142.250.186.68
142.250.186.99
142.250.74.206
151.101.0.84
151.101.1.91
151.101.129.91
151.101.130.49
151.101.64.84
157.240.252.13
16.12.0.84
169.55.209.190
172.217.18.14
172.67.70.13
177.153.231.53
18.229.209.188
18.66.102.51
185.184.10.30
188.114.97.3
2001:4860:4802:34::36
205.234.175.175
216.239.34.36
2600:9000:237d:f600:f:5081:d8c0:93a1
2600:9000:2490:1000:b:757a:54c0:93a1
2600:9000:2490:6c00:b:757a:54c0:93a1
2600:9000:2490:ac00:9:a515:6780:93a1
2606:4700:20::681a:b69
2606:4700:4400::6812:2b44
2606:4700::6812:1baf
2620:100:a00b::20
2620:1ec:46::45
2620:1ec:c11::237
2a00:1450:4001:803::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c00::9a
2a02:2638:3::24
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:3::e
2a02:26f0:3500:888::1931
2a02:26f0:ab00::214:8e59
2a02:26f0:ab00::214:8e70
2a02:6ea0:c700::19
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
3.234.179.32
3.95.83.9
34.102.147.248
34.98.67.3
52.95.165.80
68.219.88.97
086650f1f98acc74306206f2f32fe38f6101711b9ffbaa8664559ed92931418d
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
08c131c726ad751575689b7a8f9c6e4b1368e9c140a189ffb791ae3b66c5f933
0a32efb04949de6ac3bbc515350c363587f3632f56d7f65ddf4a95899f490b13
0afe16b78ff1969bbd5a2fa0e70a610d223a699987f79a1d639f848277c4f6e1
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
111e7f709abfa6d975971ea4619c55a4d966c9632bf73b97e6cd17e82431e3a7
13898b3430ffed25d26e944d6bdcd5dc561430cad7d5b70fa154fbf10fdb6668
13cf82a2d5030c083ce6ffdfb29eddb35a31d982e8a54a95a2d9e2440d812041
15a707542349f19a6fb57826ae7c864586488ad393ac26e2d2ae74739509271a
17681f393257cb4b5468c1145c000e763852d1a6e7d97d3cd0128f3f767b8f01
1806237c0a8921c2a82387b39f689875d57ebf4ffc7830591d6871dfbfc9e6bf
18ed473eb7c0d41a81375280fe371d8f4d7efdfbc04bbe03b2a64fc634ae217f
1b05db9e626d0640fcc27eb3dfc650e4e092bae18bd27aff3beb85568756f54a
1b8b4e7893a40f6782b5e5e5de2cad9c0b490d68a796da1d7db2aef056a8deb0
1bdacc95db59bc5c6286f3bf6a088065977f56cd9b103a318476d955e33db484
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d673ed4519e23c6d501a080fd1c47ca91046667f07d2a1e0d8582fba65281b5
1e393ad944004b7412d76139dd4c998e98cd7e2eacdb8b4c879d7afefe703923
211b2d62a6e73bcf8c3e7c882bb44a822fe0c54458bf711058397ddb602dab94
21abdf9ad9ac8007b6350decadae6f4b1f59f471eb753f1ee347d458b04f17d7
21e39a0f3f251de96105d9e916292bd5bb0036755ea711e5974ac89258b51729
2498922a7f4ef7c4d5b86f7c7c7b61bd400326b5c156dd892b167c5c56c453d0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25c8e105aed1fd7c0e7869d4e5cdc896fc4f74a2e6a24428711da23557cb98d3
29b2023a8daea64d6f19cf354552e1197b55fa12d4a42b3216be93a6e9cff899
2b4b9629fd3b6420475f7537fa1e01d73f0e08f7d45f6a6687c28024c187f140
2b60968bc284a4ceda9275d30adacce5291aec401811f086bdd5e19388078c00
2c0a73ed38272349b567a6d8d8349099fd4b79190f0166fbeed8a23124a032fe
2cd2ec168323d5ec03c4ffdf6a4d8b83bcbc6b591232bdf2951f19172578bd6b
2d9b1768206a1bb847cf461f8f47dec144022f49ef5e4d32a6fd9693a037a6c6
2e9de09d2fc34136af669b078c428ca0244a1bcdcd17fbf7d165aa888f945f0a
3032b429f2f5ec2468b7e75ac78fe32d3ea2cc39018bbffdb5e05dc5284046f1
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
3320c00131ba3f97b68fb9372b7124fd8ee19260566d7c43c4930a13af1e1d3e
33755d599540c2a68497474f07326808aa1c3c129b048272e30bcc54374f76c2
36f31c1f33d0142aeb0c9991af345e4996eb53cb3ed1c8571e1dabcb05ea8adf
39080bbf7ee5d15488433098dfc06b97ddf6d533cc0be184492032a5f573ae66
3a72fd752c867cf1c4a100b830d7419426f637f9474edd650bf09b99ff8031e3
3ad1a8004ccc87deaa36d30fe241d985cf6111458f2128112db05a045c468a01
3d49358b16e5d156c6c25a9187ac30437e84cb9516bfd4cb99128ccbb7cd1ce8
3ed4e7cc355fb537415da321a14652d9b37ad58040ba1bd2ca29b23ec8ab4bda
4032c98561e17a8b4d52117cce03bc961d4f05d5ceb86163dfbe962e1c92aa32
40630e788377cb29255356e9aa0db2d1b8f1e8f8b82b57255645c0b05644728e
406cb6f4517e483d3c94c50f38c4c291d3057c955a696685e97727edb75c5573
420f40e04f3d03bfd914c4346211579075b970a9f3ec414a5c5519080d10b8c4
437989feebcf325430945e4224d167e7660faa3f4f09c7330807f1d49031c405
47bb1e860b10c1705406bb14f24fe00ea5422b7cf9c83cb99f373095cd7fc8c1
48155980a7148c48f567067ade847c18310545c2c0bf13fd215a6a8f1384ee98
489b322b84b5ae4de535d09f95d03379ac63dfac47797a2b897e285d9331e0ef
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
4a5ffabdd8f96cce941b0cdc7ea94fd2153f9d2386e9ee0cac211046bf8ecbba
4a8e570d68bb13a568a252c13b616b519eb273fcd2e9465b7044f9fc8a69f430
4c805e6e97b6a55de798c133f980b2672eb3d869b8b43cfda24c5978b7c3aca4
4d21ad4add89a439b784b232960ad1d6e5a80b0caa1e86278ffe9db2caeb88e3
4e164eaf995e6852a4cb7916b41098e84313d17f4f184605b7b8569627628804
4eb65885f9c62846cb2e441d559794ce03193883083598fef6dd7e2c44f68395
501c75d4239c3de510e78f241ac23e8dc1c0310c1e277bbb0928b30c5208d7e7
50eabe06389ff423e278bfa271f67314243a3d48d692a7d6f0ca227bb9e104c5
51620829280e2e70a5d6150fe901cf2c7fbcc74497310958f9d532ec289c41f3
51c18fb0e93cbbb62df0e861a904575c7fcb5d3bdcff7c4025fd5ac04e0042c1
51db7b392bd063f3109cb75e343b29cdcb891bf2beeabe4437969a5bd60f69ec
52dc22b382a72ffbcdef12abf7989ee5b495615291f994455543e366485139fe
53c97d5d8f47cfc8913bffc97e2d1d29163471a22f99049f3900592be142e464
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558ca53e417b382ca4a74d6ed724325c665be536dd624bdb69773a17ecdc90a1
55b9fc812c9f6b89f00c9fc77fa4c7436fc71502de96793e062f363ad4d21789
58d0e1d69b34fe90f5612bb0ebbfc23205535b152136e02ac11f17027df7343a
59438fb23b7eaefa5c4c6e06e9da8380a8b98775addf6ccbd910fd1594a2b19a
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5e416132995e7744327f429f8852385ca1c7404cba78dd1ece7c8dd3901ca453
5e7b26a6b26ac59880286ea3a557b4f1a64f81091dca9573f3748c1d70d7c1c9
5e9a6f78de7e218c337dea8b60dd5386645c656a02e9fd18616d1fd68e708568
5f77539b742fdd04535c662a509559a01cfa41a229c62aa4f2ccc8c9f7b65dbe
5f8f22596378b5d23a6b81b40784be4ab5be224a6914f3733ba13a610992eb24
5f99c005dd202da6c4c0b7ca627edc0fa813529e25a84e0851e9d5647c08b15f
60f7a30c638763dc8d8e0e8ebd1008b4970e3f9d273b8a7cd745a8172d9d4c7f
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
63c02ad54dc396aa2e0bd9fecee4ea05461f1bc15ad6c752eb886458cf50bb91
63f91f5e1397e8e6052bef2914c1bc678dc94c6c901be9480f0b8229f53651ff
642f9a402653c32a5a25e89891fe52320483539e2e9e4f5b55a46cb9433afd39
65a6fc8d6e9a44a7369b8b98527462b853ec3678691b601dfa35f436720a773a
677d4f362b57d6089bfd673331c2840da6096c0246468fa19d07a7ca4adc2d6d
69952c1defd9897b5611e32c51331e4ab985e3d8b3fad54f0c0a149647c92ad9
6a22634f79988e2d27b3207f1b854001e840bc838901e419afcc287873f0cf4d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c9997ee06bb8311dd5477e3254dd168382c52a49b967661f4bbf9ad433514fd
6e182aa05ac5c63b1b4af578c441b688e61900898a593c80cc2a587a4c0ab3ce
6e66c8d10e33a27e6e38bf2f88e33038acad2622134ce15f00c748f0c2f2d3c0
6ee55ce73cc6f064f248d71356dfc718115c906839e9018eb9af78240a5f76db
709689000888d5c967058ac3d744197a4318e42762346e302da0f38f3a72ffa5
7217d053441b7176990371e4fcc5d2496bd5f7cfa75a9fd4e811dbe35616c282
72848d5a425ef1adb3ffed381ca76d429b75a9c0429dc47d6e9e330f802f0273
73c08bb0bea7efeeec695fec69c1239bf7388d308088e4a6e23838c4c9a91afd
73c5ed5cae04a969aa48084c9601a485ad01d2adddd14b53e0e1d11857b2be82
74b8bfea46d182a7b8825ee96236a209ffc2b87ba2308321a93a4fb2694d7269
76c20b6db9a18d0e9a11f16fa05f90666dc839c12771dabea5c8ff7e9b3ffa6d
76d9304962edf525b5a89151443b702461c6b7451bb3b84fe3ef0c3c9aa34b99
7882dc530c3e2fb67b7c6cafcad2a2cd57d161291303857053412dee934c4560
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
79bb9daacad4452d5b73011c68f6de54b945524e6d510285ec4cd7f92febdd49
7a015a9bf34c47268643dbf07ae3961daaff3157bd225a94caaa0589d1f6e553
7ade8760f5c15a16b7f5d2b3a495b9de4d05564096f1b1c80c2f485d46b49999
7b26f488918984eb6994ec65b7b50646a9d531ef371ea1cf19e099eb539cb048
7bed7288ddace927bca419777d5eb9483b1620ee6b87afbfae6c62e112d15ccb
7c54ee8d2c14ad1bc1c5ea49a194ac04e792bb01bdc1666b582c6e4277a05402
7e8c612f61f1ea2aff1c19c5f057df44bd840a57e290e331c164fc4c2b242c61
7edecc697ee082b2ad36a2affd9b78ce6c42e5f6eac25f7c0d760044a2ad329f
7fe9747710de09ff867a64597bc465dcce18909fa3d5e7ee8925a6f42243303c
810d32474ba7f5993625e0e225d2d693deb98ca0bd96687f6b845a2d668e0902
81cc7b233791c4d3075b5d154876b70b11c27296f5da08bb6d5b2919ec74643f
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
83207ca98c3800828aebe520736c5167791284c454812722169d01d6a729ee98
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ff2a7b06166aef1eeda774db548c4bd895ed3fd6b0231d66979879d4d39ce0
84572da5b7d7d1cb8f75ae283f9af0ecf24a76ab691ef90e23fa0ede12cacc9c
8488d4da88057270872f1cf8bafc178b50ff9a72911fcda29c73ee3e966e6a7a
867686bfe96a6845ada76e805e98d9a6819df3f0ca58a2f0ba583d87ac15b16f
87eab8ffcd1c1675636ed79cbb05c422936943e8a0d203f4429e87b873939485
8916db21bf524bfb76ba78a33fb9a5638e5f10621a54ece2ef49839af11a72b8
89408df3bdee538e056f7f14b02a70197d73b0e7ee3d44bca8a5fe0855b1f86e
89a94ebeba29a6eaa70ef306c35089141dd69c16b509e08420c0c3898577a1be
8a1bd61243b393e02df0a00de1401f52201f8e39be590b7b46b40dea50076bd8
8ab9a6b82121345688f603431961d7db11ab9066b1e62726034ec86725171514
8af4f33059d204a6a9d35b76e5f59e3382d132f8e129098ffdcabc628dcde95a
8f054889c4fddfe9aa2ae95481fa32122d11c2418a5dabb0a4ceb11f6d25b490
8f71c6fd702841dd80a37e8762ad1c6d0dbfe8210f9bbeca88c2fb70f5f2a86d
94a23e7f96fbde62943e5fc93c59212f68a57d2587fe51f056d20ce802e8249c
95167664226c09c2a69097d4af4fb5e3e5c0f753d5f1a698845d5a4377211d76
96bc15f860c2155f5a9ecb304eb30c615a25269430cf6ca9b51f5e6b5df43846
98c6b5b72ccc31d05844ac700dec939533a17afbff7a3e51d3e1152d4e4d09ef
98e14bdb80a83e6a1e34da361394ab517974de696f5b765074b3a690252919b9
9909cacc4ffffc1bbbf3231bdac4b533f481fd5d13919ed11cf34910e2147f99
993d06a950182f02b33c197ceee893ff76a8ef41c0df53c5e223bb431a3a969f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b6008acdc892596eb825b22e34bdd817564ed903fa413f5610287e500024f3a
9bc9127dccff4b93138095c03c90576659fdcb3b3208ee09d8b781f5807b6ca5
9c79822be1ce3cc3decf34b7932f552b39cc587e2c5b891e4fc1eb31a0cd6d8a
9d7fa38f8bd553288a80e000fcaf9635975a1f74e08020d2556f7921b833177c
9e13aca1f88f2192cadb233eb053036901b76bf8c3e9e056806f89a3df70e10a
9f5a2faa501c6bd19af3fd00be93bfffe128a88cdc89bce1185107cac7ef384c
9fb91ff0e8c179aea40dbe6842b36fd201654f5647c21dcec41fd18be535d506
a001fb7ffb3f8fe6c4102085452ef0d5214061a605f5eaa7c10988307eea21bf
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d
a226eb7eede60e23df1ae85ec07046d9bafc4b563616e91b5759550ec0e9d2ec
a385ab3c0442344e34719c73222f63ffd5a784b2ed6ce0cdddac7be8abdea22d
a4464256c7b5ce8de298a2ad4278d31a097c3de17f580c416888d27bd044ad5f
a530bc5f4e6b06737261b8a4d29f8819d58b83b44f1d99ce0155157d5d02b969
a580fecb74da8a21116a789598a3d144a5a94a41f0394bbb2e33751c07a2b8cf
a7495d58f7dc65e47f5dd0a1c44d3dd7e7ad8637880954d0cb968a8449f6df03
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
aac13c04ae6bee5e8536f0359c216f60d5ae0b6cec116453c6bdbe5f4c9dfb58
ab91baeefb0bd7ba337280b2aed426319f7c4ebcf441db7eba9eb19b65666b9b
ac8a7a136b999c64141510a7c12520e926ad6eb92bbca0fa463bfd28a60329d5
ae1d59ddb29bed9e4400c841953b979211023752019f9de666f056f49dd3c71f
b0ca5f6fc10633e6e48e8c671f96158bf88f0b55cf1af8403d0d2a57bc2609db
b1097b726e87948e49917b94555c54d63f06f203cd507bc302bc85f03924bea4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b214f3de84be1702ac85e79a5f49b092b711d89b34997ba11046ef9c8ea461a4
b4c87a4b9f8e124c7199d1ab3abb288e975092a6f536496b69dc65b3c2eab589
b62dbc10fce192f0806a0a31f10fba8a2c875030a080dbdec9638406ce809b89
b6c1833026dfdb9f7cf539dc00d8a78317c84b793e7686b69a1d9425e6e3e656
b6ed4db546de69c178a0adfff905ee2d2a33b9eb62ab0976e4d71eab9a402dc4
b6f3468a19d943ec9fb9aff4a1327fe8071461768623794fe3ff897c49815e75
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc351362281d37d8ed19acd66323afb821bf3a72c5db711d8709e32473618595
bd884404c1bb5915f953c7f3e922982d6b26448a78a8b3445b15c2641aeb1115
be06f65b0d196fcb058b74eb3f402324c5a093d756f19aa2faceffb2c7bf708d
c313eec4e95dde04ddcc53a36b3a6a2cc8920d7342347fbe9528c21c899bb178
c494bfba2677dc79490866f69a66adf9ba9435f79153dd12d3d4188d7e0d1664
c7323a80eb541350a4de095bb70dee036402b035f427b8d20d6d5ab9e307afe4
c7d619849b735a8df7f1c9dbe91e22116dca64cce4c2b896292c6286d69072d3
ca5c12fa2a2fdc26de649d2e849008083ee8671790948ba832c84d5a2cd5dbbc
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cd738ebe6342e73063d0af3b66bf945a7e3e1dd9f3c5976044941c3cf346dcdf
d17a8d92c8e4ca53073cd0a19542db9571693e2ba42b395f0abbe6a30bb29ccd
d2f6018fd92177216c51daee33a41a82af1b556c64653ff2a57a247d1039788f
d31b9a0d12f3d7745943404e597674300af2c98bf6d4dda0f34fc25f67b2bba2
d33c27df695e83eff233aa2586f666d4957ea94bed65fd2f3c62f75b4aaeb550
d4e929c91c53f1ae75502a8e9eaf1307d2d9e9792e84a4c73f140882138129ef
d4f69a3cfacaa577de1cc7bdc664fdb00d87eb708e58183c0a8362fec63b7882
d56ea6558bd02f4c4ff745f79892889161595eb9c7c1e53b686c470fb1ee03fb
d6e1eca389a34604bc7660a09d990d3941cc817b6cdbe2a7edefb157ed445a30
d90559f637847e17a2266d9683a5caa060e8ef23ee2fb42219c824065c2dee62
d993a79cfddad69a9286cff5f091c7aa38036f2d51bf69dd168a540dba749d04
dd635ee1177fbbe7726c35d75313262468318b59acaa4ce15a3779fe44785cd4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df29e247d735d508465e0f050c06b55fccaf94d863965ed8194cdc979fc0e80b
df52d3d933fc937537ef869db4b354268940f17751780318f4e4cc74980453cd
dfd0b97efa726442bc23bf496482901d0c0d3a52b82dcce326990db0c4559a7c
e136bc820e6b104809f4b947de619974cb3bbb777e33b0a349bd2529b99c873e
e1cf3ee72579641265af314d39ff9de330852472987ccd15fdcc55c8eea45ccf
e371379d3152d61ee42b6a26be5b8aa51c0bbfff86e200b28dc1266ebc7aec17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e08a7eddc18ac40b56c2b46c23372ac36b950f021139500ea2312c1f31bcdf
e781dd5b9ca502edc933e1290054b72b9e4d3b592d481d78827363acb8ad1621
e7d55e2b66b9b53f333287501f4068a1ffdd7b562a554bca7b99e431cffda6a3
e944c7701d0304ddfc6c47eaf1b0edde37e6abd13b15c0c97b421ee3dc2cb362
e98e8c5a981aa8a0e8b847397442dfb434f978bbc895bea2dc9759a03cc8c1a0
e9bcd4196c5a7fea7308ff49a3dbd2979ca38f86bd4e8d7f2c7d1141211282b4
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
eece87273bbb4ecad0712636c15d935a65770d29f7a17f532de18d1cb81ad30a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00494fa721dcc9d087913129292f53d7d3156b5a320cf620fef74b404b1e34d
f07378fad86ad1f83dcf1c8a428863fbe93f9352be3dc00297bb93fa716259ce
f2ad1d5cc9d20f044f560c9ba2964e9fda2366cfe4fa8cc76b622ef44054e593
f417f310514e1822d6eadbaf2adfa57c4c5c0761b31c76c8fa637f686f8e2433
f64c34c7206517e031701d5fa6ec49a7222145edd41bdf0694faa8c8da1bd118
f670c341f2a69604d471a70d5821bbb3174bba31a2a7021a31e32e1f7d11eef7
f8971208a18d9a2743bb30fdadafd5d2f85ffb8779da91f34242d959e41f1615
fd686be4e4ce2e6705fcbffd70b6302832aa32dd176f919a1072e9de5cdcc555
fe8c733145ffed84e3e2b484dbfb8c3c1912ed5892ff343f1f9e0e5f7648ba08
fea06c2e49a307a978b97e2059cb8deea0ec20e4993f065793fd86a822bc245a