urlscan.io logo urlscan.io
SecurityTrails logo

app.bigonline.top.enquetebbb.com.br Open in urlscan Pro
67.225.224.10  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.bigonline.top.enquetebbb.com.br/
Submission: On January 02 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 77 IPs in 6 countries across 88 domains to perform 416 HTTP transactions. The main IP is 67.225.224.10, located in United States and belongs to LIQUIDWEB, US. The main domain is app.bigonline.top.enquetebbb.com.br.
TLS certificate: Issued by *.enquetebbb.com.br on May 22nd 2018. Valid for: a year.
This is the only time app.bigonline.top.enquetebbb.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 67.225.224.10 32244 (LIQUIDWEB)
12 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
9 2607:f8b0:400... 15169 (GOOGLE)
109 18.238.55.125 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
20 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
15 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2620:100:a001... 19750 (AS-CRITEO)
3 12 68.67.160.114 29990 (ASN-APPNEX)
2 34.120.63.153 396982 (GOOGLE-CL...)
2 2602:803:c002... 26667 (RUBICONPR...)
2 2a02:6b8::90 13238 (YANDEX)
2 34.203.80.35 14618 (AMAZON-AES)
1 2620:1ec:46::40 8075 (MICROSOFT...)
1 151.101.193.108 54113 (FASTLY)
16 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:401... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2 2620:116:800b... 14618 (AMAZON-AES)
2 2 23.73.245.216 16625 (AKAMAI-AS)
10 33 142.250.65.226 15169 (GOOGLE)
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 3 38.68.201.140 174 (COGENT-174)
3 4 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 51.222.239.232 16276 (OVH)
3 3 199.38.167.130 54312 (ROCKETFUEL)
2 2 34.150.170.96 396982 (GOOGLE-CL...)
8 8 35.71.131.137 16509 (AMAZON-02)
4 4 185.167.164.49 198622 (ADFORM)
3 3 70.42.32.63 22075 (AS-OUTBRAIN)
2 2 5.161.92.137 213230 (HETZNER-C...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2620:100:a001::4 19750 (AS-CRITEO)
2 5 2620:100:a001::c 19750 (AS-CRITEO)
3 74.119.119.139 19750 (AS-CRITEO)
18 23.47.168.66 16625 (AKAMAI-AS)
11 23.199.48.23 16625 (AKAMAI-AS)
2 23.40.179.50 20940 (AKAMAI-ASN1)
1 23.40.179.173 20940 (AKAMAI-ASN1)
4 4 2606:ae80:145... 25751 (VALUECLICK)
1 2 151.101.2.49 54113 (FASTLY)
2 2 35.227.252.103 15169 (GOOGLE)
4 13 52.223.22.214 16509 (AMAZON-02)
1 1 216.22.16.53 30633 (LEASEWEB-...)
1 1 3.223.214.250 14618 (AMAZON-AES)
2 2 82.145.213.8 39832 (NO-OPERA)
6 34.111.96.116 396982 (GOOGLE-CL...)
1 2600:1901:0:c... 15169 (GOOGLE)
6 2606:4700::68... ()
4 23.47.170.102 ()
1 151.101.129.108 ()
2 2620:1ec:21::14 ()
8 8 35.211.178.172 ()
1 1 13.225.214.101 ()
4 4 74.119.119.150 ()
1 1 23.66.229.147 ()
2 23.51.57.13 ()
1 1 2607:f350:3:2... ()
2 2 35.244.159.8 ()
7 7 69.194.240.13 ()
3 3 2620:112:f002... ()
3 3 54.156.229.21 ()
1 1 131.153.170.212 ()
2 2 35.207.24.140 ()
1 1 23.47.169.12 ()
4 5 3.225.218.10 ()
21 36 69.173.151.100 ()
1 8.28.7.81 ()
2 5 52.46.130.91 ()
1 38.91.45.7 ()
8 8 52.86.139.62 ()
1 1 2603:c020:400... ()
1 1 216.22.16.40 ()
1 1 198.148.27.131 ()
2 23 8.28.7.83 ()
2 2 173.231.178.116 ()
1 1 52.0.205.209 ()
2 2 54.198.173.106 ()
1 2 3.232.179.229 ()
1 1 69.90.254.78 ()
1 1 35.214.224.191 ()
2 4 34.111.113.62 ()
1 40.76.134.238 ()
1 162.248.18.34 ()
2 2 52.45.219.8 ()
1 3.223.16.170 ()
2 2 207.198.113.203 ()
1 67.220.228.200 ()
1 1 2600:9000:251... ()
1 1 2600:9000:23c... ()
1 108.139.47.105 ()
1 2 172.64.146.152 ()
1 23.40.179.35 ()
1 147.28.146.89 ()
1 3.91.137.4 ()
1 2 63.251.86.50 ()
1 1 192.132.33.69 ()
1 34.149.50.64 ()
1 1 35.244.154.8 ()
1 64.202.112.191 ()
1 44.218.225.237 ()
1 52.0.247.215 ()
1 3.141.222.153 ()
416 77
2    67.225.224.10 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host04.mezzor.com.br
app.bigonline.top.enquetebbb.com.br
12    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
109    18.238.55.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-125.jfk52.r.cloudfront.net
cdn6.votarenquete.com.br
3    2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
2    2606:4700:20::ac43:4a15 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.premiumads.com.br
20    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2607:f8b0:4006:816::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c06::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
15    2607:f8b0:4006:80f::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:81c::2001 (United States)

ASN15169 (GOOGLE, US)
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
1    2606:4700:10::ac43:206e (United States)

ASN13335 (CLOUDFLARENET, US)
id.navegg.com
2    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
12    68.67.160.114 (Jersey City, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
nym1-ib.adnxs.com
secure.adnxs.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
bs.yandex.ru
2    34.203.80.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-80-35.compute-1.amazonaws.com
tlx.3lift.com
1    2620:1ec:46::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
16    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bing.com
2    2a00:1450:4013:c06::5e (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)
i1.ytimg.com
1    2607:f8b0:4006:8::9 (United States)

ASN15169 (GOOGLE, US)
rr4---sn-ab5l6nr6.googlevideo.com
2    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    23.73.245.216 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-245-216.deploy.static.akamaitechnologies.com
px.owneriq.net
33    142.250.65.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
cm.g.doubleclick.net
5    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
3    38.68.201.140 (Ashburn, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
pmp.mxptint.net
4    2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
1    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
3    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
2    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
8    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    5.161.92.137 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.137.92.161.5.clients.your-server.de
sync-dmp.mobtrakk.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
5    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
18    23.47.168.66 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-168-66.deploy.static.akamaitechnologies.com
contextual.media.net
11    23.199.48.23 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-48-23.deploy.static.akamaitechnologies.com
warp.media.net
lg3.media.net
hblg.media.net
cs.media.net
c21lg-d.media.net
2    23.40.179.50 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-50.deploy.static.akamaitechnologies.com
pxlclnmdecom-a.akamaihd.net
1    23.40.179.173 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-40-179-173.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
4    2606:ae80:1451:18::1690 (United States)

ASN25751 (VALUECLICK, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
13    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    216.22.16.53 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
1    3.223.214.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-214-250.compute-1.amazonaws.com
cc.adingo.jp
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
6    34.111.96.116 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.96.111.34.bc.googleusercontent.com
dts.clnmde.com
1    2600:1901:0:cba2:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
dts6.clnmde.com
6    2606:4700::6810:bf3 (None, )

ASN- ()
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
4    23.47.170.102 (None, )

ASN- ()
eus.rubiconproject.com
1    151.101.129.108 (None, )

ASN- ()
acdn.adnxs.com
2    2620:1ec:21::14 (None, )

ASN- ()
px.ads.linkedin.com
8    35.211.178.172 (None, )

ASN- ()
x.bidswitch.net
1    13.225.214.101 (None, )

ASN- ()
cm.smadex.com
4    74.119.119.150 (None, )

ASN- ()
dis.criteo.com
1    23.66.229.147 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    23.51.57.13 (None, )

ASN- ()
ads.pubmatic.com
1    2607:f350:3:2569:0:10:0:d (None, )

ASN- ()
sync.go.sonobi.com
2    35.244.159.8 (None, )

ASN- ()
us-u.openx.net
7    69.194.240.13 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
3    2620:112:f002:bbbb::21 (None, )

ASN- ()
ad.turn.com
3    54.156.229.21 (None, )

ASN- ()
pm.w55c.net
1    131.153.170.212 (None, )

ASN- ()
server.cpmstar.com
2    35.207.24.140 (None, )

ASN- ()
rtb.mfadsrvr.com
1    23.47.169.12 (None, )

ASN- ()
pixel.mathtag.com
5    3.225.218.10 (None, )

ASN- ()
cms.analytics.yahoo.com
ups.analytics.yahoo.com
36    69.173.151.100 (None, )

ASN- ()
token.rubiconproject.com
pixel.rubiconproject.com
1    8.28.7.81 (None, )

ASN- ()
image6.pubmatic.com
5    52.46.130.91 (None, )

ASN- ()
s.amazon-adsystem.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
8    52.86.139.62 (None, )

ASN- ()
match.prod.bidr.io
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (None, )

ASN- ()
sync.technoratimedia.com
1    216.22.16.40 (None, )

ASN- ()
rtb-csync.smartadserver.com
1    198.148.27.131 (None, )

ASN- ()
bh.contextweb.com
23    8.28.7.83 (None, )

ASN- ()
image2.pubmatic.com
simage2.pubmatic.com
2    173.231.178.116 (None, )

ASN- ()
cm.adgrx.com
1    52.0.205.209 (None, )

ASN- ()
rtb.adstanding.com
2    54.198.173.106 (None, )

ASN- ()
sync.srv.stackadapt.com
2    3.232.179.229 (None, )

ASN- ()
beacon.lynx.cognitivlabs.com
1    69.90.254.78 (None, )

ASN- ()
ums.acuityplatform.com
1    35.214.224.191 (None, )

ASN- ()
csync.loopme.me
4    34.111.113.62 (None, )

ASN- ()
pixel.tapad.com
1    40.76.134.238 (None, )

ASN- ()
us01.z.antigena.com
1    162.248.18.34 (None, )

ASN- ()
image4.pubmatic.com
2    52.45.219.8 (None, )

ASN- ()
sync.ipredictive.com
1    3.223.16.170 (None, )

ASN- ()
rtb.adentifi.com
2    207.198.113.203 (None, )

ASN- ()
pixel-sync.sitescout.com
1    67.220.228.200 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    2600:9000:2512:8a00:1a:5235:f980:93a1 (None, )

ASN- ()
live.primis.tech
1    2600:9000:23cb:1400:1b:6b7d:2300:93a1 (None, )

ASN- ()
sync.intentiq.com
1    108.139.47.105 (None, )

ASN- ()
sync1.intentiq.com
2    172.64.146.152 (None, )

ASN- ()
capi.connatix.com
1    23.40.179.35 (None, )

ASN- ()
hb.yahoo.net
1    147.28.146.89 (None, )

ASN- ()
prebid.a-mo.net
1    3.91.137.4 (None, )

ASN- ()
match.sharethrough.com
2    63.251.86.50 (None, )

ASN- ()
ce.lijit.com
1    192.132.33.69 (None, )

ASN- ()
bttrack.com
1    34.149.50.64 (None, )

ASN- ()
s.seedtag.com
1    35.244.154.8 (None, )

ASN- ()
id.rlcdn.com
1    64.202.112.191 (None, )

ASN- ()
sync.outbrain.com
1    44.218.225.237 (None, )

ASN- ()
exchange.mediavine.com
1    52.0.247.215 (None, )

ASN- ()
cs.minutemedia-prebid.com
1    3.141.222.153 (None, )

ASN- ()
visitor.omnitagjs.com
Apex Domain
Subdomains		 Transfer
109 votarenquete.com.br
cdn6.votarenquete.com.br
2 MB
64 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
stats.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
339 KB
43 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 791
eus.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
58 KB
31 media.net
prebid.media.net — Cisco Umbrella Rank: 1682
contextual.media.net — Cisco Umbrella Rank: 1093
warp.media.net — Cisco Umbrella Rank: 3492
lg3.media.net — Cisco Umbrella Rank: 7860
hblg.media.net — Cisco Umbrella Rank: 2922
cs.media.net — Cisco Umbrella Rank: 1972
c21lg-d.media.net
175 KB
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
391 KB
27 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
34 KB
20 google.com
analytics.google.com — Cisco Umbrella Rank: 266
www.google.com — Cisco Umbrella Rank: 6
2 KB
15 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 991
eb2.3lift.com — Cisco Umbrella Rank: 731
7 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
cdn.adnxs.com — Cisco Umbrella Rank: 2645
nym1-ib.adnxs.com — Cisco Umbrella Rank: 2598
acdn.adnxs.com
secure.adnxs.com
54 KB
14 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 878
gum.criteo.com — Cisco Umbrella Rank: 597
mug.criteo.com — Cisco Umbrella Rank: 1867
dis.criteo.com
12 KB
11 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
164 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
cms.analytics.yahoo.com
ups.analytics.yahoo.com
4 KB
8 bidr.io
match.prod.bidr.io
4 KB
8 bidswitch.net
x.bidswitch.net
5 KB
8 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
4 KB
7 clnmde.com
dts.clnmde.com — Cisco Umbrella Rank: 26911
dts6.clnmde.com — Cisco Umbrella Rank: 33353
1 KB
6 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
4 KB
6 navdmp.com
tag.navdmp.com
usr.navdmp.com
cdn.navdmp.com
sync2.navdmp.com
sync.navdmp.com
6 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
5 1rx.io
sync.1rx.io
3 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
3 KB
4 tapad.com
pixel.tapad.com
1 KB
4 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1007
us-u.openx.net
1 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5728
pubmatic-match.dotomi.com
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 1001
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
245 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
5 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
292 KB
3 w55c.net
pm.w55c.net
2 KB
3 turn.com
ad.turn.com
1 KB
3 akamaihd.net
pxlclnmdecom-a.akamaihd.net — Cisco Umbrella Rank: 25250
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3016
47 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 994
2 KB
3 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 5072
p.rfihub.com
3 KB
3 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 12257
pmp.mxptint.net
2 KB
3 bing.com
www.bing.com — Cisco Umbrella Rank: 78
19 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4237
onesignal.com — Cisco Umbrella Rank: 1212
73 KB
2 lijit.com
ce.lijit.com
1 KB
2 connatix.com
capi.connatix.com
524 B
2 intentiq.com
sync.intentiq.com
sync1.intentiq.com
2 KB
2 sitescout.com
pixel-sync.sitescout.com
938 B
2 ipredictive.com
sync.ipredictive.com
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com
835 B
2 stackadapt.com
sync.srv.stackadapt.com
2 KB
2 adgrx.com
cm.adgrx.com
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com
832 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 linkedin.com
px.ads.linkedin.com
987 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1758
1 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1167
rtb-csync.smartadserver.com
939 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 894
60 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 240
88 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 4814
651 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1428
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396 Failed
799 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 3952
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1348
955 B
2 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 7983
691 B
2 premiumads.com.br
tags.premiumads.com.br — Cisco Umbrella Rank: 404064
146 KB
2 enquetebbb.com.br
app.bigonline.top.enquetebbb.com.br
16 KB
1 omnitagjs.com
visitor.omnitagjs.com
385 B
1 minutemedia-prebid.com
cs.minutemedia-prebid.com
326 B
1 mediavine.com
exchange.mediavine.com
186 B
1 outbrain.com
sync.outbrain.com
287 B
1 rlcdn.com
id.rlcdn.com
441 B
1 seedtag.com
s.seedtag.com
284 B
1 bttrack.com
bttrack.com
352 B
1 sharethrough.com
match.sharethrough.com
281 B
1 a-mo.net
prebid.a-mo.net
451 B
1 yahoo.net
hb.yahoo.net
650 B
1 primis.tech
live.primis.tech
557 B
1 adentifi.com
rtb.adentifi.com
35 B
1 antigena.com
us01.z.antigena.com
1 loopme.me
csync.loopme.me
225 B
1 acuityplatform.com
ums.acuityplatform.com
674 B
1 adstanding.com
rtb.adstanding.com
358 B
1 contextweb.com
bh.contextweb.com
1002 B
1 technoratimedia.com
sync.technoratimedia.com
4 KB
1 deepintent.com
match.deepintent.com
338 B
1 mathtag.com
pixel.mathtag.com
623 B
1 cpmstar.com
server.cpmstar.com
606 B
1 sonobi.com
sync.go.sonobi.com
721 B
1 smadex.com
cm.smadex.com
615 B
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 11414
416 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1105
389 B
1 googlevideo.com
rr4---sn-ab5l6nr6.googlevideo.com — Cisco Umbrella Rank: 29796
3 MB
1 ytimg.com
i1.ytimg.com — Cisco Umbrella Rank: 2361
20 KB
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 6774
38 KB
1 navegg.com
id.navegg.com — Cisco Umbrella Rank: 413337
303 B
416 88
Domain Requested by
109 cdn6.votarenquete.com.br app.bigonline.top.enquetebbb.com.br
cdn6.votarenquete.com.br
33 cm.g.doubleclick.net 10 redirects app.bigonline.top.enquetebbb.com.br
googleads.g.doubleclick.net
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
eb2.3lift.com
27 pixel.rubiconproject.com 15 redirects contextual.media.net
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.googletagmanager.com
googleads.g.doubleclick.net
18 contextual.media.net 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
contextual.media.net
tags.premiumads.com.br
ads.pubmatic.com
16 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
15 simage2.pubmatic.com 2 redirects ads.pubmatic.com
15 www.google.com app.bigonline.top.enquetebbb.com.br
googleads.g.doubleclick.net
tpc.googlesyndication.com
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
13 eb2.3lift.com 4 redirects tags.premiumads.com.br
eb2.3lift.com
ads.pubmatic.com
12 pagead2.googlesyndication.com app.bigonline.top.enquetebbb.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
www.googletagservices.com
9 token.rubiconproject.com 6 redirects eus.rubiconproject.com
contextual.media.net
9 securepubads.g.doubleclick.net app.bigonline.top.enquetebbb.com.br
securepubads.g.doubleclick.net
tags.premiumads.com.br
www.googletagservices.com
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
8 image2.pubmatic.com ads.pubmatic.com
8 match.prod.bidr.io 8 redirects
8 x.bidswitch.net 8 redirects
8 match.adsrvr.org 8 redirects
8 ib.adnxs.com 2 redirects tags.premiumads.com.br
eb2.3lift.com
acdn.adnxs.com
contextual.media.net
6 dts.clnmde.com pxlclnmdecom-a.akamaihd.net
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
app.bigonline.top.enquetebbb.com.br
5 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
5 sync.1rx.io 5 redirects
5 gum.criteo.com 2 redirects static.criteo.net
contextual.media.net
5 www.gstatic.com googleads.g.doubleclick.net
5 analytics.google.com www.googletagmanager.com
4 pixel.tapad.com 2 redirects ads.pubmatic.com
4 ups.analytics.yahoo.com 3 redirects
4 dis.criteo.com 4 redirects
4 eus.rubiconproject.com tags.premiumads.com.br
contextual.media.net
eus.rubiconproject.com
4 lg3.media.net 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
contextual.media.net
4 c1.adform.net 4 redirects
4 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
4 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com cdn6.votarenquete.com.br
googleads.g.doubleclick.net
4 www.googletagmanager.com app.bigonline.top.enquetebbb.com.br
www.googletagmanager.com
3 pm.w55c.net 3 redirects
3 ad.turn.com 3 redirects
3 hblg.media.net 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
3 mug.criteo.com
3 b1sync.zemanta.com 3 redirects
3 a.tribalfusion.com 2 redirects ads.pubmatic.com
3 nym1-ib.adnxs.com googleads.g.doubleclick.net
cdn.adnxs.com
3 www.bing.com 1 redirects googleads.g.doubleclick.net
2 ce.lijit.com 1 redirects contextual.media.net
2 capi.connatix.com 1 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 cm.adgrx.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 us-u.openx.net 2 redirects
2 ads.pubmatic.com contextual.media.net
ads.pubmatic.com
2 p.rfihub.com 2 redirects
2 px.ads.linkedin.com eb2.3lift.com
2 tag.navdmp.com tags.premiumads.com.br
tag.navdmp.com
2 cs.media.net contextual.media.net
2 t.adx.opera.com 2 redirects
2 rtb.openx.net 2 redirects
2 dclk-match.dotomi.com 2 redirects
2 pxlclnmdecom-a.akamaihd.net contextual.media.net
pxlclnmdecom-a.akamaihd.net
2 static.criteo.net tags.premiumads.com.br
static.criteo.net
2 connect.facebook.net app.bigonline.top.enquetebbb.com.br
connect.facebook.net
2 sync-dmp.mobtrakk.com 2 redirects
2 um.simpli.fi 2 redirects
2 sync-tm.everesttech.net googleads.g.doubleclick.net
ads.pubmatic.com
2 s.tribalfusion.com
2 px.owneriq.net 2 redirects
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 csi.gstatic.com www.gstatic.com
2 tlx.3lift.com tags.premiumads.com.br
2 bs.yandex.ru tags.premiumads.com.br
2 fastlane.rubiconproject.com tags.premiumads.com.br
2 prebid.media.net tags.premiumads.com.br
2 bidder.criteo.com tags.premiumads.com.br
2 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 tags.premiumads.com.br app.bigonline.top.enquetebbb.com.br
tags.premiumads.com.br
2 cdn.onesignal.com app.bigonline.top.enquetebbb.com.br
cdn.onesignal.com
2 app.bigonline.top.enquetebbb.com.br app.bigonline.top.enquetebbb.com.br
1 visitor.omnitagjs.com contextual.media.net
1 cs.minutemedia-prebid.com contextual.media.net
1 exchange.mediavine.com contextual.media.net
1 sync.outbrain.com contextual.media.net
1 id.rlcdn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 s.seedtag.com contextual.media.net
1 bttrack.com 1 redirects
1 match.sharethrough.com
1 prebid.a-mo.net
1 hb.yahoo.net
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 aax-eu.amazon-adsystem.com
1 rtb.adentifi.com ads.pubmatic.com
1 image4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ums.acuityplatform.com 1 redirects
1 rtb.adstanding.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 cms.analytics.yahoo.com 1 redirects
1 sync.navdmp.com
1 pixel.mathtag.com 1 redirects
1 sync2.navdmp.com
1 cdn.navdmp.com tag.navdmp.com
1 c21lg-d.media.net contextual.media.net
1 server.cpmstar.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 cm.smadex.com 1 redirects
1 acdn.adnxs.com tags.premiumads.com.br
1 usr.navdmp.com tag.navdmp.com
1 dts6.clnmde.com 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
1 cc.adingo.jp 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 qsearch-a.akamaihd.net 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
1 warp.media.net 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
1 a.rfihub.com 1 redirects
1 onetag-sys.com 1 redirects
1 aep.mxptint.net 1 redirects
1 rr4---sn-ab5l6nr6.googlevideo.com googleads.g.doubleclick.net
1 i1.ytimg.com googleads.g.doubleclick.net
1 cdn.adnxs.com googleads.g.doubleclick.net
1 adsdk.microsoft.com googleads.g.doubleclick.net
1 id.navegg.com tags.premiumads.com.br
1 onesignal.com cdn.onesignal.com
416 135
Subject Issuer Validity Valid
*.enquetebbb.com.br
*.enquetebbb.com.br		 2018-05-22 -
2019-05-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.votarenquete.com.br
Amazon RSA 2048 M01		 2023-01-24 -
2024-02-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
premiumads.com.br
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-12-24 -
2024-03-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-12-12 -
2024-02-20		 2 months crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
dts.clnmde.com
GTS CA 1D4		 2023-12-28 -
2024-03-27		 3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-01-01 -
2024-12-21		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2023-12-01 -
2025-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh

This page contains 49 frames:

Primary Page: https://app.bigonline.top.enquetebbb.com.br/
Frame ID: C8E0606B5D011FDF680F30A21CDAF4C4
Requests: 198 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 20580550C5BB90519668124C5C3B187D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&adk=1812271804&adf=3025194257&lmt=1704198887&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198887598&bpp=4&bdt=180&idt=360&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1382143617713&frm=20&pv=2&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=375
Frame ID: 36A5FAB5F92DC18C121EB37B870F6F5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704198888&rafmt=1&format=1170x280&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888315&bpp=19&bdt=897&idt=19&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=26
Frame ID: 43B2620AB03594BD6B9968DB92A7E028
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=288130833&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888351&bpp=18&bdt=934&idt=18&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=24
Frame ID: 45113CC592F8E8D23A14E849CC92BA69
Requests: 1 HTTP requests in this frame

Frame: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2B7DB99608F4B1A0F89C398E5A68F5B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=3548294649&pi=t.ma~as.1184555942&w=850&lmt=1704198888&rafmt=11&format=850x212&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888436&bpp=9&bdt=1018&idt=9&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=13
Frame ID: F6B7B773E13305C3B8BB9EDEF603E87A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Frame ID: 5D194DB4BBDB61844A14265182C7630C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=928&slotname=9391698467&adk=3839019563&adf=3537906732&pi=t.ma~as.9391698467&w=270&cr_col=1&cr_row=13&fwrn=2&lmt=1704198888&rafmt=9&format=270x928&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888500&bpp=3&bdt=1083&idt=3&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=7
Frame ID: E7053F3618AE455EC285E4BD08CDAB82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=316346021&pi=t.ma~as.1184555942&w=850&lmt=1704198888&rafmt=11&format=850x212&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888463&bpp=9&bdt=1045&idt=10&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250%2C270x928&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=116
Frame ID: A6FBB4E9830CCD1483B4AB198D00531E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 15CB4391C99ACF52279F126B302EEB5C
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviUc3Te3OExFVUnIUz3fCcueVMDhYFqPDKZAlnXNsJ3FinHmrjURRhYeiAVkcgGH4xYSQcIJAqS-99_jBBbs_uY9xBi5af2FlCwCOhRLbNIbEX-wH3rHGvfDCUoYdufTishOmdWxmuqPuCFJ4SSS-te-DjgTyi_vkAU9jZkI5OSbd2Yn7J-loVrGPGG_14fdEwluf10v7FRnBZLVXoEaA0uOuToKgUaeBWGGrootd8jFtJnXBvKhfyOYMVxJFM4yIPh5sUGxby9cf-9cTAa02wLqCTp5gL3zdaMTOIsF8yMBfOYU0ErFXerjBR-Qe-c6A7384aPnIiVrK8Qft2oQ-ADS7yPJsQfoOlBlbnccm9UyWcrkZLIw90m1Kq7o96Eu0uz3PnE_QrYwlFjQ&sai=AMfl-YRBUhc1_psUGwHJZutPqe847AEPWdwR7iP--LWvwWpv-a9J1vvQ5Sea6BC6oM9AOarsjxnZF_ornbGsJKvpEK7iK1Xj6wsCSo4S_iIpuhVh6OZRFJF6VnjUI-8Dj1Q&sig=Cg0ArKJSzKEQxYKnt1ctEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6C94A28C90F55BF782F8F02AADB96FB1
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: DEF3DE10DD1772AA176836CBA4D40EB2
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ABA7EBC2335F16EE980061058DAF9A00
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 978C1BFC2D45D392ACF4767A462F3789
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: EA296581E58DC90018E59E2CEED83E24
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 621E54BE0570F3B0E21672030CF31708
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B303A1F75454EFE75FBB3ECABA9AB14
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=app.bigonline.top.enquetebbb.com.br
Frame ID: FB8A0D4665168D53613330ABB0692146
Requests: 2 HTTP requests in this frame

Frame: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E54A8016624785988F08F7672A7F2A53
Requests: 25 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
Frame ID: 3DABB0222706B026E71DFAD113F73675
Requests: 8 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 24FC49EB4965AE42231E10911B58EE2A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1058D59FE47BF1A17C52CE5CEB023988
Requests: 9 HTTP requests in this frame

Frame: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Frame ID: B748252347A36DBBAEF7F10C42AA1763
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: F79B8DE7EE9FE4B37163EC447E3CFFB0
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FC5DC790BEEC02E10ED018585696FA19
Requests: 19 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 19BDDC1D2D1624C3185A9B0AA34DA761
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 22D868589571FBC1FD2F8106A4EF5E7B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: AB7D0BFF6500BF5D9350E54598C5DDE0
Requests: 20 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=rkt&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=1600704161744483559
Frame ID: C7ACB936AF534D36D157F64507D61932
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Frame ID: 2E279EE0B8E6E4AC6F2699C26B67D74D
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: CB1DD555E4E2A9A9587D30901516A74B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: D8A089C8FB8D09175E7F4D7DBC8393B5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEi3E7LKAYAABO0Y1-vSQ&gdpr=0&gdpr_consent=
Frame ID: 9F25990ADBEDCB25B90813E78E9DD543
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9206689877130227959&gdpr=0&gdpr_consent=
Frame ID: 5FBD94A7EECA3FD69206BD1A097818CF
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: AA050465980FE59EEDF6F22A2274B068
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5510a11c-a96b-11ee-acd8-c5cd5cccdf0b
Frame ID: 0DB6513D04898D60E8A23CBC0679E6E5
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8jQhQvQzfU_pNnkXomI1E6I2LhfpNCsUoTFnDt-r
Frame ID: B5EE807173A0CE5B080BDE7FF6D1F123
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: F622E992AB88DEC1202070DDF044BE44
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HLiTh2iyUpl_l7NZChyoE2AJ-S0&gdpr=0&gdpr_consent=
Frame ID: 484F478A5CE7F2F729E7CDC0B4A83136
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EZLUh37U1RkDYW5&gdpr=0&gdpr_consent=
Frame ID: EA0F8EE3D43123C00132DDD13C2AAE1E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1600704161744483559
Frame ID: 5D9180AC806D1DE2D0374C1E99CD0B26
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C0601E02-970D-4920-82C3-AA8D8C480787
Frame ID: B1C8AE0851A5EF7A44C56E5CBC1308BE
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 3DDBBFC10945C7E678E6439CF8CEECDB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: B05C876F1F5787F7A880B754C6B26014
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU175dd950f095451fad05ca720b810bdc
Frame ID: D163116377097062939E5B02D39E984A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871892442096
Frame ID: 5FAC1E59AE761DE5FBA33686D22F31E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 71E8444D07938C2BF903FCD7A75A94CC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=pba&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=C0601E02-970D-4920-82C3-AA8D8C480787
Frame ID: B40914DB7711AF7FB02AE3B5A6555DC6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Enquete BBB - Votar BBB 23

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tag\.navdmp\.com
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweet(?:-)?alert(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

416
Requests

78 %
HTTPS

34 %
IPv6

88
Domains

135
Subdomains

77
IPs

6
Countries

6906 kB
Transfer

11362 kB
Size

54
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 209
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6b388cb9-bf4f-4aff-bc73-8db863722e27&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=dee33090-28e5-4467-9d42-46bebf0512da&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D66a55798833b418da916b2c0250a20fc%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=6929499&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_zbovyr&aid=4104601534302765381&wp= HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=66a55798833b418da916b2c0250a20fc&SNR=1&GV=2&med=10
Request Chain 218
  • https://px.owneriq.net/ecmg?google_gid=CAESEKXVi9VGxZIxFpgaRw2Q94A&google_cver=1&google_push=AXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZcljtqQhUKafrCQx4ufZxwaTUOxRc-lVkz5FV HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZcljtqQhUKafrCQx4ufZxwaTUOxRc-lVkz5FV%26google_cver%3d1%26google_gid%3dCAESEKXVi9VGxZIxFpgaRw2Q94A%26google_hm%3dUTc1NzQ4NTI4OTExMDczMjY1MTA%3d&uid=Q7574852891107326510&ref=%2Fecmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZcljtqQhUKafrCQx4ufZxwaTUOxRc-lVkz5FV&google_cver=1&google_gid=CAESEKXVi9VGxZIxFpgaRw2Q94A&google_hm=UTc1NzQ4NTI4OTExMDczMjY1MTA=
Request Chain 219
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 220
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESELwiVLoc1QAAN8IX5-zynSE&google_cver=1&google_push=AXcoOmQk33YiPTHpLaarOxte9CWr7bCeoI5qaLuv6UNCGXLsR4r_ZNt3A4wJRgvT0jzKlS_Vc_K4P9E3vQx2B6KR1pg_Kw9qRJdKq-w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQk33YiPTHpLaarOxte9CWr7bCeoI5qaLuv6UNCGXLsR4r_ZNt3A4wJRgvT0jzKlS_Vc_K4P9E3vQx2B6KR1pg_Kw9qRJdKq-w&google_hm=UjM1Q0E1XzEwRUE4NjI3N18xNzZGOERCMw%3D%3D
Request Chain 221
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELhLpUyl0j5PI8mbb3E_lNE&google_cver=1&google_push=AXcoOmTGn7ST_IKyPBKGr3l-kQfs_7j_Gz6dCJPVkdh0uHPtzOcc3NBQREjsU8wH_Korcm0RCXTs4isooJR2IU5GBORctbBJ-ZgTD1c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGn7ST_IKyPBKGr3l-kQfs_7j_Gz6dCJPVkdh0uHPtzOcc3NBQREjsU8wH_Korcm0RCXTs4isooJR2IU5GBORctbBJ-ZgTD1c&google_hm=eS1HdUZJQjQ5RTJwSHlHY29WeDlWVjZ4ZDViUVZCTmlDbn5B
Request Chain 222
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBHB4T8KqbZT4wX-bGkDpCA&google_cver=1&google_push=AXcoOmTLSjVn36179A3a4flnJ1135ixF_G6O6nsP9XV81KEnf6MPZEJ1PV6d7YxsXDnGkT63uOEro5vrFAOrTKUaIPNEzNa3ZKKDcO57 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLSjVn36179A3a4flnJ1135ixF_G6O6nsP9XV81KEnf6MPZEJ1PV6d7YxsXDnGkT63uOEro5vrFAOrTKUaIPNEzNa3ZKKDcO57
Request Chain 223
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIHkI6JQ-HjRpw4IQYF3fN4&google_cver=1&google_push=AXcoOmSoeZKyPCd_cAXxGWCvkTivN9I7vBXd13WChJLo1Rw8l82Ov6_OjYWJMHiXAUmPrpJ7AH8uY-C09AsDbf4DL1Iz4dLZTM0B0SHZmw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSoeZKyPCd_cAXxGWCvkTivN9I7vBXd13WChJLo1Rw8l82Ov6_OjYWJMHiXAUmPrpJ7AH8uY-C09AsDbf4DL1Iz4dLZTM0B0SHZmw&google_hm=MTYwMDcwNDE2MTc0NDQ4MzU1OQ==
Request Chain 230
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 232
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOka00S9TVOIqT63nD0wms&google_cver=1&google_push=AXcoOmTa8XCJpKOX1teAMzbiS73VrjyxAzs-nSPdg48hMo4PCShpEx57JiFNaPyHk_Muu_fRdVrwfTtvJzUMwI1CvGgphrwz1wg06Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D8A318B020A4D588B4CC29AC1211ACB&google_push=AXcoOmTa8XCJpKOX1teAMzbiS73VrjyxAzs-nSPdg48hMo4PCShpEx57JiFNaPyHk_Muu_fRdVrwfTtvJzUMwI1CvGgphrwz1wg06Q
Request Chain 233
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELTFIJpaeZMmv45eNoREvLs&google_cver=1&google_push=AXcoOmTAtjlcvJoOhIhdB3LJkL_dbb3IptqRFCYv13M0qCsG3hU_-BYiBGM99IK5KdqgYoUR7gRDc09yXfrXn_AIeeVVxPzfEHggKg HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESELTFIJpaeZMmv45eNoREvLs&google_cver=1&google_push=AXcoOmTAtjlcvJoOhIhdB3LJkL_dbb3IptqRFCYv13M0qCsG3hU_-BYiBGM99IK5KdqgYoUR7gRDc09yXfrXn_AIeeVVxPzfEHggKg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWYzOGU1ZWYtOTYyZS00YzU0LWIzM2ItMjE4NjI4ZGQzNGEy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=af38e5ef-962e-4c54-b33b-218628dd34a2
Request Chain 234
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO5H0Yh6H2Trdn1KNIROWdU&google_cver=1&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe1IVu01PZQfmh2aN663ubzmYrfNA HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO5H0Yh6H2Trdn1KNIROWdU&google_cver=1&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe1IVu01PZQfmh2aN663ubzmYrfNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ0NzczNjg1NTM4MjU3NjgxNw&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe1IVu01PZQfmh2aN663ubzmYrfNA
Request Chain 235
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAtzjM_1t99q-iZaYQoec_w&google_cver=1&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfBIHu-7czFv2TMkhx HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAtzjM_1t99q-iZaYQoec_w&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfBIHu-7czFv2TMkhx&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfBIHu-7czFv2TMkhx&google_hm=U1B5NWREODZFc2hmWkh6dERTT3A=
Request Chain 236
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEECyFzq4mlatiKDpMIN3ia0&google_cver=1&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3obFngnZx67L6fQ HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEECyFzq4mlatiKDpMIN3ia0&google_cver=1&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3obFngnZx67L6fQ&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NjJjZWVjYjJjMzhkMzkxZQ&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3obFngnZx67L6fQ
Request Chain 261
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=enquetebbb.com.br&sn=ChromeSyncframe&so=0&topUrl=app.bigonline.top.enquetebbb.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=l5NtmXwxTjlSTVpZNkcyRGhqRUdkTXhQV21pYW9ZV2d1YTFmL2dvNEUzTmdUWkxHYmxVMUxYNy82dUdrUFZYMEJYT2ZDa2xvcjlXbnJibFZRQUg0dFl3Sk80OHA4TFphdVBDU3dpMXpoN0VxQ09iRzZnUWhrS0ZMZDRlZ1F5V1BzUkNwaFRUQnIvMTBlaHBvdVRSRCtmMllubDV3dkplNzE3RVkvSWZYTnlxb3FKNGlDU2tXS0Z1Z201ZFdENHhXYWxXWUJxalBsT2M4Nk5WV0JIdVVFWDJ2ZWZVK2Q1NDNMY0doZWpRcENrVUMzZWQrMVVEZXVyZXFCc0lkb1dPSkZ3SnhGTlJETVhmSlkyR3hDUjA2UythU0ZTMUo2ZzFSWGZvWlNGQUVLL1ErU2haND18&cppv=2
Request Chain 281
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBlM8tFia6hXyXFpjbYYXqQ&google_cver=1&google_push=AXcoOmQYur1xld8TILitzh317u375vqx4nZRLejongvX-U5Hjt1HVVSewb1ZQXMTMQ9d6W07cHRx6vYNoSVNgkygVC_L8Trw-nu8 HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6ef36c252d7e11fa&is_secure=true&networkId=14000&version=1&google_gid=CAESEBlM8tFia6hXyXFpjbYYXqQ&google_cver=1&google_push=AXcoOmQYur1xld8TILitzh317u375vqx4nZRLejongvX-U5Hjt1HVVSewb1ZQXMTMQ9d6W07cHRx6vYNoSVNgkygVC_L8Trw-nu8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFzWpyI2y83gM-dlgLAAAAAAA&expiration=1704285292&google_cver=1&is_secure=true&google_gid=CAESEBlM8tFia6hXyXFpjbYYXqQ&google_push=AXcoOmQYur1xld8TILitzh317u375vqx4nZRLejongvX-U5Hjt1HVVSewb1ZQXMTMQ9d6W07cHRx6vYNoSVNgkygVC_L8Trw-nu8
Request Chain 282
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAzCPTEDzNeZNSAF5boAICI&google_cver=1&google_push=AXcoOmQLCZKgL4KSnjvafkMAUpwt7fHNpknaGsBCt9dsW3Mp2JwS1Yr9oMMdqQQu-mcx5HsEdZSQsv_ZHfIgReIqKVoXkfQ5IHxV HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAzCPTEDzNeZNSAF5boAICI&google_push=AXcoOmQLCZKgL4KSnjvafkMAUpwt7fHNpknaGsBCt9dsW3Mp2JwS1Yr9oMMdqQQu-mcx5HsEdZSQsv_ZHfIgReIqKVoXkfQ5IHxV
Request Chain 283
  • https://rtb.openx.net/sync/dds?google_gid=CAESEP0LtI1ds0odX8SRSWjZXoA&google_cver=1&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI HTTP 302
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEP0LtI1ds0odX8SRSWjZXoA&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI&google_hm=IHzrK0kYwJ0fMeeDp6iD6A==
Request Chain 284
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC0pHdztC5v4VNnlrq-Sdq0&google_cver=1&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqVz3xX-EUdxNx8d0XaGz1JQJOIx6hpOO4j5ATJAY2q_LzT HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqVz3xX-EUdxNx8d0XaGz1JQJOIx6hpOO4j5ATJAY2q_LzT&google_gid=CAESEC0pHdztC5v4VNnlrq-Sdq0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqVz3xX-EUdxNx8d0XaGz1JQJOIx6hpOO4j5ATJAY2q_LzT
Request Chain 285
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBwtXY-ylvjCZ6InUXFljHE&google_cver=1&google_push=AXcoOmR-tgh8jv5fbbMUyKJPzObfujWVWSns-Oj3jjQtuNVqmTDe-jtbhpswesvdQj6ZWOw-3hS2LL9Fn1Lwcfe50pDfxYXXdRhp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR-tgh8jv5fbbMUyKJPzObfujWVWSns-Oj3jjQtuNVqmTDe-jtbhpswesvdQj6ZWOw-3hS2LL9Fn1Lwcfe50pDfxYXXdRhp&google_hm=NTM2NjQwNjQyMTA2ODAzNDc4NA%3D%3D
Request Chain 286
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOaU-x53hPUitGdhp392OXY&google_cver=1&google_push=AXcoOmR0I23iF9agPGH8SnylffJ24YcA-fgdZ7-CNADzzGxu8ZLxKg__6_c2Cynl30QtN3cCCQbcC67bSlHXrEI_XIAgbwosL-R- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmR0I23iF9agPGH8SnylffJ24YcA-fgdZ7-CNADzzGxu8ZLxKg__6_c2Cynl30QtN3cCCQbcC67bSlHXrEI_XIAgbwosL-R-&google_hm=c7bc41f4280cbae7262dd5ad772c0d97
Request Chain 287
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS8OupPsCbtpJ-UfCDdDf52tH7Scf3UtZZ5QfhpNdx7bNAwakdRW1fDxyhvDSN-clcMPOQfDalUtDjNAhWDKKR90YgWLdTCRA&google_gid=CAESEMMWRIBJ_t5j0epILgAL33M&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMWRIBJ_t5j0epILgAL33M&google_hm=T1BVMTc1ZGQ5NTBmMDk1NDUxZmFkMDVjYTcyMGI4MTBiZGM&google_nid=opera_norway_as&google_push=AXcoOmS8OupPsCbtpJ-UfCDdDf52tH7Scf3UtZZ5QfhpNdx7bNAwakdRW1fDxyhvDSN-clcMPOQfDalUtDjNAhWDKKR90YgWLdTCRA
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MjAwNDkxNjYzNDkyNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAJ7jEURlczxT30ykPfx4kM&google_cver=1
Request Chain 311
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&domain=app.bigonline.top.enquetebbb.com.br&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=GHqbQXxkTmx3VC9CN3Vnd1hHU3NvSXVaWitlNi9IR2J2M3F1U0RlTk85eFgyNmQ0ZmNaUlV3TExENm93UHpYVzJoVFdoMkRMWjRRSEhWTUU0ZDg3TUtnTDg1cU9BeW4vVjJlcXJxeG5vaHA4bTNub0x6VzMraSt5cGYzTUE1MzN6ckxRMWhJS29ETUt6Wk1kOXBNY3FuQ21SS1pRa2lId25ySkYvMkRnYUQySXFhemFsOGgvdW4rUUFqV0ZEVS9QeEhIZkdOTkxRVDZQSjhNMk1STWZoZ3JmdGRZMTYzazloNHpTU0hpc1R0aGJiekd6Y0oxc25SRDBwamM0VFI5cWhodmdvNjBSeVM4MmlLTGU4OXBaVmNiYjBoNTNtTDV3QWdSemxrK1FYQU1xdkVreDR2aU4vLytkcmU1aWpIbklxUTNLUHw&cppv=2
Request Chain 317
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=af38e5ef-962e-4c54-b33b-218628dd34a2&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 318
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 319
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqyhmrBbhLwd9hBBIDLODo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 320
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D
Request Chain 322
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1296966061213149082325?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-enMA1yFE2oRZBC_atRr4_O.V97Hs_HPmwFzyfUuc5w--~A&dongle=0883
Request Chain 323
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1296966061213149082325&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1296966061213149082325&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=7af3ea63-67de-4d28-9d0b-84f04b46ba31 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=8cf98ac7-532f-42cc-9d0b-41b684dd12eb&expires=10&ssp=triplelift&bsw_param=7af3ea63-67de-4d28-9d0b-84f04b46ba31 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=618de491-0017-44ae-b586-d6dd76374709&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 324
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=f92ff2af-c4f3-4d29-8c69-788240200bd6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 325
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=9206689877130227959&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 328
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 329
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Drkt%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=rkt&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=1600704161744483559
Request Chain 331
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=son&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=son&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=0999f6f6-71e8-47bb-8d87-5de7d9f0535c
Request Chain 332
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dopx%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dopx%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=opx&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=444ff40e-fa15-02d1-1485-a2427f771eda
Request Chain 333
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dr1%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dr1%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3D%5BRX_UUID%5D&cb=1704198894551 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=3686212573 HTTP 302
  • https://sync.1rx.io/usersync/turn/4552696001463320161?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-13408c71-979d-4506-9ca8-9f7d48bced75-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dr1%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DRX-13408c71-979d-4506-9ca8-9f7d48bced75-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=r1&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005
Request Chain 334
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Ddxu%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Ddxu%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=dxu&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=EZLUh37U1RkDYW5
Request Chain 335
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f92ff2af-c4f3-4d29-8c69-788240200bd6&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=618de491-0017-44ae-b586-d6dd76374709&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dmedianet%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=Q7HEbcmV3HYhtOdJJ05b0 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 337
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__ HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=SPy5dD86EshfZHztDSOp
Request Chain 338
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3472004916634949000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3472004916634949000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b1773a14-06a8-468a-b46a-396139fa559a&cs=1
Request Chain 339
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=af38e5ef-962e-4c54-b33b-218628dd34a2
Request Chain 344
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85515214621 HTTP 302
  • https://sync2.navdmp.com/sync?prtid=2&id=85515214621&google_gid=CAESEBBcFkijltzDL10FSuDM09g&google_cver=1
Request Chain 345
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
  • https://sync.navdmp.com/sync?img=1&mdia=49e16594-02ee-4900-bff3-e5b9a3a264b7
Request Chain 346
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Request Chain 352
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 354
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaTNFN0xLQVlBQUJPMFkxLXZTUQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AAEi3E7LKAYAABO0Y1-vSQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEi3E7LKAYAABO0Y1-vSQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5366406421068034784&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAEi3E7LKAYAABO0Y1-vSQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5366406421068034784%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5366406421068034784&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEi3E7LKAYAABO0Y1-vSQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEi3E7LKAYAABO0Y1-vSQ&gdpr=0&gdpr_consent=
Request Chain 355
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9206689877130227959&gdpr=0&gdpr_consent=
Request Chain 357
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5510a11c-a96b-11ee-acd8-c5cd5cccdf0b
Request Chain 358
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8jQhQvQzfU_pNnkXomI1E6I2LhfpNCsUoTFnDt-r
Request Chain 359
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=618de491-0017-44ae-b586-d6dd76374709 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=8a0735ab52839512c19c5aa6c9c7c525&expires=30&ssp=pubmatic&bsw_param=618de491-0017-44ae-b586-d6dd76374709 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 360
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HLiTh2iyUpl_l7NZChyoE2AJ-S0&gdpr=0&gdpr_consent=
Request Chain 361
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EZLUh37U1RkDYW5&gdpr=0&gdpr_consent=
Request Chain 362
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1600704161744483559
Request Chain 363
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=43f46dcd-38cc-4113-acb4-64ec0faec9ef&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C0601E02-970D-4920-82C3-AA8D8C480787
Request Chain 365
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 366
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU175dd950f095451fad05ca720b810bdc
Request Chain 367
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871892442096
Request Chain 368
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wGAeApcNSSCCw6qNjEgHhw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 371
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C0601E02-970D-4920-82C3-AA8D8C480787 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C0601E02-970D-4920-82C3-AA8D8C480787 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d3df6546-ef2d-43dc-b804-20c211c5a134%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af38e5ef-962e-4c54-b33b-218628dd34a2&ttd_puid=d3df6546-ef2d-43dc-b804-20c211c5a134%2C%2C
Request Chain 374
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzA2MDFFMDItOTcwRC00OTIwLTgyQzMtQUE4RDhDNDgwNzg3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAEMl33ySKEPRqrB3Vvj8DA&google_cver=1
Request Chain 376
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9D8A318B020A4D588B4CC29AC1211ACB
Request Chain 377
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=
Request Chain 379
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-huxRaL9E2uXaUbS02EfcRO5jaDlPPnU-~A&gdpr=0
Request Chain 380
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3b668e52-a230-4448-b403-896f63457504&gdpr=0&gdpr_consent=
Request Chain 381
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=44c634b3d6a610ff&is_secure=true&networkId=17100&version=1&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFzWpyI2y9KQNKvVHvAAAAAAA&expiration=1704285294&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 382
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10EA86277_176F8DB3&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 384
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8011460515283861089&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 385
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f785e243-effd-4840-b131-239d9e1a979e-659402ee-5553&gdpr=0&gdpr_consent=
Request Chain 386
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8447736855382576817
Request Chain 387
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LQWC0MKO-1M-GO5E HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWC0MKO-1M-GO5E
Request Chain 388
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFXQzBNS08tMU0tR081RQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTJuohpAmyyGK9JPa6J8QA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXQzBNS08tMU0tR081RQ==&google_push=
Request Chain 390
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWC0MKO-1M-GO5E
Request Chain 391
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WAJNDFX9SWu-Q3EtjqZAvQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WAJNDFX9SWu-Q3EtjqZAvQ
Request Chain 392
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGZmNmRkNDc4OTQzOWM5N2U4ZGFiMjQ5ODM0YTRmYTNkNzFkYzJjYg
Request Chain 393
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1b4GQTx4ypA1YAHqK0pwEMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-z2WxDLlE2oImvcwwvcMxGpieW0AmWmoLtmrIdg--~A
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJwCXqxvtIxALyMob-EDdUg&google_cver=1
Request Chain 395
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=&expires=30
Request Chain 396
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LQWC0MKO-1M-GO5E&ex=d-rubiconproject.com&status=ok
Request Chain 397
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJjgE7LKAYAABZ4CoiZHA&expires=30
Request Chain 398
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQWC0MKO-1M-GO5E HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWC0MKO-1M-GO5E HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWC0MKO-1M-GO5E&ckls=true&ci=jZUYgnnJwV&nc=false&trid=117024541
Request Chain 399
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQWC0MKO-1M-GO5E&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LQWC0MKO-1M-GO5E&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 400
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQWC0MKO-1M-GO5E&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQWC0MKO-1M-GO5E&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KdmVDUGtwRTJ1SFlrSmRhVDk2ZTNab2JTWGNSU3phbX5B&ovsid=LQWC0MKO-1M-GO5E&dpid=58160
Request Chain 401
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWC0MKO-1M-GO5E
Request Chain 402
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LQWC0MKO-1M-GO5E
Request Chain 403
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQWC0MKO-1M-GO5E
Request Chain 404
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQWC0MKO-1M-GO5E HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LQWC0MKO-1M-GO5E&dnr=1
Request Chain 405
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQWC0MKO-1M-GO5E
Request Chain 406
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b668e52-a230-4448-b403-896f63457504&expires=30
Request Chain 407
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=f92ff2af-c4f3-4d29-8c69-788240200bd6
Request Chain 408
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=adb608ad-90bf-4c4a-9a69-3f142606034d
Request Chain 409
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQWC0MKO-1M-GO5E
Request Chain 410
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8447736855382576817
Request Chain 411
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Request Chain 412
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8011460515283861089&expires=60&gdpr=&gdpr_consent=
Request Chain 413
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=9206689877130227959&expires=30
Request Chain 414
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2959439599 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/af38e5ef-962e-4c54-b33b-218628dd34a2 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-13408c71-979d-4506-9ca8-9f7d48bced75-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-13408c71-979d-4506-9ca8-9f7d48bced75-005%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005&expires=30
Request Chain 415
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 416
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQWC0MKO-1M-GO5E&obUid=&initiator=
Request Chain 417
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404 HTTP 302
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQWC0MKO-1M-GO5E
Request Chain 418
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQWC0MKO-1M-GO5E
Request Chain 419
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQWC0MKO-1M-GO5E&name=RUBICON

416 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.bigonline.top.enquetebbb.com.br/ 		88 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.224.10 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host04.mezzor.com.br
Software
Apache /
Resource Hash
09650e7165d64938499c63260d5283cbad459ba397b12903ac92d6c50024270f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
11976
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 12:34:47 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-ua-compatible
IE=edge
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6330018069195839
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a237a7064de02f7d64ad4f4ac1d125165e78daf38020ef59ad5a709de88b6f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Origin
https://app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51301
x-xss-protection
0
server
cafe
etag
4248364682256556228
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:47 GMT
js
www.googletagmanager.com/gtag/ 		186 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
59f0d5bf476a8ad14331f54b39a23a0fa01f4c7da761378b81936da655558540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68968
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 12:34:47 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966406239f00931b32d3e676cdb6dca6f991faad0c6a33d679fcc9dee2f5d3e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29193
x-xss-protection
0
server
cafe
etag
481 / 19724 / m202312060101 / config-hash: 12947993814115561758
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:47 GMT
bootstrap.min.css
cdn6.votarenquete.com.br/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/bootstrap.min.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
d9a2b1472c2611f0f39e2965d7faee82d99717c347f5c7e52aa9c5f27e0174d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
7636597
x-cache
Hit from cloudfront
content-length
20131
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc0wHWBTe7Ua%2FqXN7Fr6YqZ%2Fa8YFocxttPE5mE6QbswL2%2FlXsE5L3%2FGJBa2XzlESgqWc4AWQKEy7eubWL%2FHcfHVHUtD537wFkoJFKvwjB%2FybFl2%2FeLrveE4C79BAMpHqMsIavyQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac172ba543944-IAD
x-amz-cf-id
1VAQ1Z92OHk7X5BJ8k-dRoPod542dOksOfPmESzNpMQs7oEfNQQdmw==
expires
Sat, 05 Oct 2024 03:18:11 GMT
font-awesome.min.css
cdn6.votarenquete.com.br/css/ 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/font-awesome.min.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4870564
x-cache
Hit from cloudfront
content-length
6243
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz1wVYSKgKo5FKXlk%2FM%2BbCs2%2Flcr7Kgk2abHp%2F0zcmMpAcHRF0YfKUhKjXutMHnaqd2TS1epyeBELhyCQvZvMDEE4Cj3ToFVm4pVhZ2gBNJlDZlpD422znpU8dVuZBSsX2F03vA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82228b8cadf982ab-IAD
x-amz-cf-id
6Z-N2oZaWj7Xac6P-mlWgcX8FLccM4lkqVrNzIxjcp969eMuk-9nWQ==
expires
Wed, 06 Nov 2024 03:38:44 GMT
swiper.min.css
cdn6.votarenquete.com.br/vendors/swipper/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/swipper/swiper.min.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
7636597
x-cache
Hit from cloudfront
content-length
2868
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX0U%2FubiazrwFe102kZc7fCxSXTtrjfuMVFoJPKylcPsstqWpxold%2BRvnjb5Vf4amXBuTPdjd6LsfUvUFSY1Ctaf0HEUc5sGpfconC4r%2B7iHQjwPoO31tq0fMIuwdD6ykkgK8bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac172ea966fb0-IAD
x-amz-cf-id
NZLyH0cP_si5eUG5lCps3s4bLNhKnjUwtjCh6b195jj2lTmY5x7T-Q==
expires
Sat, 05 Oct 2024 03:18:11 GMT
linearicons.css
cdn6.votarenquete.com.br/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/linearicons.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
d0c2360a26fd57ed8e7537ec6a2cb580ddc4701192d80a772420f12014f6f178
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 03:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4870564
x-cache
Hit from cloudfront
content-length
1623
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfJRv6dmZdcxLVwCxEGAsSfHYEyUezUtZt6th9otJWOgmPIhO93ZQMqsSQu%2BACt3Kh2oRj3iitPbJcJPpXNFipvEJwWjnh6a1k%2FEXfTJB8S54zNZF4PR%2FiOY4r91wTrU7kk3hPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82228b8c8f77f88d-IAD
x-amz-cf-id
hGxQ2icTwcRjHK_pPyP3eue9Toc0V1y_cdoC1zYuil71kdBYlBT77w==
expires
Wed, 06 Nov 2024 03:38:44 GMT
owl.carousel.min.css
cdn6.votarenquete.com.br/vendors/owl-carousel/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/owl-carousel/owl.carousel.min.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
c5987c529814bca758deb15c889113e35e87d0fc6fe4788202c326da2dc3559c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 00:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
5054311
x-cache
Hit from cloudfront
content-length
953
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAw2yYUAPvZ7jx971sVO7IqF0A7Tpt%2BPour5ech64LQxjRn8GZRTZ4QHbehSIGcVfYXhjUqbyqb1WWrR8953VJrA2K8QyPBRKLmDMRtOWueUM9QT81KybLTebhVeLp95FqVj4Kg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
821105881bef2d18-IAD
x-amz-cf-id
_Z2XBz6PGWgpFvm9HNd59U7HKQoUzcCCexTBcFic0ZQmjPAWryz40g==
expires
Mon, 04 Nov 2024 00:36:17 GMT
style.css
cdn6.votarenquete.com.br/css/ 		88 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/style.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
a31579de079ace0a7e4bec7f0c489c4a4ddc7e8afc2b9828bbb6896d455e6676
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4828672
x-cache
Hit from cloudfront
content-length
13850
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WneTfpnUQ5FFNX1gbq5gayKL5GjyfiYBh2qhYLLuYcsrHyAuGbQnmHW1%2F6MtjGZFp%2BSoNSWn3ih1FEChwBfRLWdN%2Bk4ltjZBpbOA7%2FABuA%2Fi%2F6WjHb7fOlX0%2Fwt%2Fr70dm%2BZzPg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4bdf8020cc-IAD
x-amz-cf-id
EbBiKP1yCUCIUmVEp4PwthtsVREiQtT0xiC0tYxEjV-F2wuSN6mYHA==
expires
Wed, 06 Nov 2024 15:16:56 GMT
responsive.css
cdn6.votarenquete.com.br/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/responsive.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
fc6f580810c33b1b5df1510b9d222429adb6d1f2ac5bf810a4c6ed7ead3cf061
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 18:05:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
5682540
x-cache
Hit from cloudfront
content-length
2701
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMQnw1fZvcNjwEAD6uzCzfHDxuWwNme%2BFqGcVKnFXYjVqdNyzqwnoEnfN0eDvs7hbmHpc5K6jf4TvX0C2AqvpAsRXlAwjSi29P6orWES3l3KAGsFQcaKNgC2YHvA9d3gMxmDl5E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
81d51be76b143967-IAD
x-amz-cf-id
13oF6_VDE4Vu46pqZaLBp2VYmecYwroAqHSeIZOm9bBOPKTtVvPOeA==
expires
Sun, 27 Oct 2024 18:05:48 GMT
smart-app-banner.css
cdn6.votarenquete.com.br/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/smart-app-banner.css
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
7636597
x-cache
Hit from cloudfront
content-length
1297
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSNmwu%2FNYRpyOvldNND3pscAU8aeNZ0XfKan7XydvR%2BpuAZRW6fnZy1Wz%2B5vmOiAonCBOmvVvY78z%2BjzyFiglC5Zh3qoXm7QTBb91jS4yFre59cuaeH6NU7bel3i6WF3tpt02tc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac172cd8a1ffd-IAD
x-amz-cf-id
XXQc0dmUVBLmARxKoOpFALr2RjnTtBR9fNvQcCaIOZBz9_k9luClqA==
expires
Sat, 05 Oct 2024 03:18:11 GMT
config.css
cdn6.votarenquete.com.br/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/css/config.css?v=5
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
d40285f61cf97c481d61f0ccbe1ae23b47ef63cca6822d90eb37f4922cd56f81
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 06:24:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4255812
x-cache
Hit from cloudfront
content-length
2795
last-modified
Tue, 26 Feb 2019 14:58:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FgHuMMOiX0D283K2pHKwtf3YgdZM4oQ43NjKaSz%2BY4e1C4bjz2HK7Naqd4YwfK9WHsfrrOsRgjjArYkX3bsaXv7vOIp9VfqoDhSnjtEgiL9B5xx9iYmS4xzLpdjVfECjTT%2BKyM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
825d2c222ad45a2e-IAD
x-amz-cf-id
NVZ9txHxtMg8qiBnx9JSSdVSeAZlF41xSc0Es9KJA-qJCcJJ_wrXaw==
expires
Wed, 13 Nov 2024 06:24:36 GMT
jquery-3.2.1.min.js
cdn6.votarenquete.com.br/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/jquery-3.2.1.min.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4828672
x-cache
Hit from cloudfront
content-length
30138
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5lkonuIdMMa1JNHlLzjyqUMoMpRcRJDJpfQdy3NH3Yce1JgLDztIZ5X8e6dCAUMVifA4B38caC90xbwTDM3yBBc%2F2hKrjaConNUBJ00q7kmM0%2B4DhJsmNeN38Q5RmD6eWgYxXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4c6869094d-IAD
x-amz-cf-id
pxEvGCbB6CZuEG8Kxv3zBWoGy6R6ddiqYNXwHj3VY15ZoEsxfzqAVg==
expires
Wed, 06 Nov 2024 15:16:56 GMT
new-logo4.png
cdn6.votarenquete.com.br/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image/new-logo4.png
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
fda9ef9d3fda898fc315283504eb0aeb8ada64df1bda7e2e11165f28f59c1fb6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 03:35:33 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
4733367
x-cache
Hit from cloudfront
content-length
3613
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjNNtlrXFYY1D0CMr2pBXd5u7X1W%2BnIOPO3OOpkSgsxyk4wRO%2BW7roZDdnajmYCMZ6obMbwOrPzOhK%2FSObZU5WS8OmKVyXF67Ru3yT6AMBSFqicNMFoJ7IuLiR4ofZX5uelxmyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823301a2db3405fb-IAD
x-amz-cf-id
oJE9JEjPc7uUDxWoNKtsGzGMnflpbSGXMGo8a-QVaalRJ5QRhQa0Tw==
expires
Fri, 08 Dec 2023 17:45:21 GMT
new-logo2.png
cdn6.votarenquete.com.br/image/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image/new-logo2.png
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
e714c04bd8303c2cb34fb0e9004d63bb2b3def0e8d69995808b7043dcd5792ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 21:52:42 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
4718526
x-cache
Hit from cloudfront
content-length
6370
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciV8lsGhNGwtGGXiy0fNKUAQ3MmbrrixlIwh6O%2BLvWqqqi1z3QfIDqXE9vxNFqXJg%2BUJbKFL3WW%2F7SvXEuOjG8W0U9%2BA%2FoZSB59hxIhgoVib%2FW0U2xRnBPwhZa94aS0x3Nkheco%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
82310b699de86ff7-IAD
x-amz-cf-id
IPMdWCZSsKRFqmODcHRDyQI-HiunZfW_O-s8Duwunc8_ng2xZb0-2Q==
expires
Fri, 08 Dec 2023 21:52:42 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/alicia-x-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
66459edfc739be4f517ce02992bde40cdc3fa3e93a5496d36c12a128c4e76e1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GWXkmM8qZ2PxgZbk5IBuQPR4kfNTyCb0fWMHRkjizawlcLUxD7C4RiVGrbyfgWjxMOWHZOiNmZ7AI%2BLbbSf4P4vBOOSMOZw42tTo7TMx9PfRqbsh0URyfriw75t%2B%2FRyjHp%2FO9qM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954fff2d4a28a8-IAD
x-amz-cf-id
UMyqAQDQjamDaOWKPg1f2vhxP35nbMwKrEHsd0wpcoHci2uSRh9dJQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/andre-goncalves-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
32b0d2b1ef56d48131221c07e77ee1f9b15708a7e5c4f2c610114d51bca8c42f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 11:18:56 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
5879752
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 26 Oct 2023 11:18:56 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSKTeXpBFTv6Ap6l1x23hNwSMyFepRdI%2FhTmxIDFD3EzRrDXVXqeUI25IBtEMIyEw7y4d7Hw%2BDKgsDVZ8xlsvOHxWt10fn3IyccK5um1Jz24DjkrDek3fp2ieCokMi5u6enInLE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81c24d2b5bae581e-IAD
x-amz-cf-id
5TfTudLYQSot8SKLH4UQj8bL7Y7r5QbJgcy98FafMNUztw01ymHMFQ==
expires
Sun, 05 Nov 2023 11:18:56 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/cariucha-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
aaf10a29a6e9369fd99a81c3ff0bb8de76316a621a659bade750eb27a980d33e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BFQKXTWrjbiWtivzfUeqoFtG6LVpEV%2Bk2v04v9tmaYV1sW1qYPHV7oxxdprrEO6u7xMlmTySZMLh2UQkC%2Fy72r1ofUgmDJZxrDE%2FPX71knmE7MVPX86Vv73vigxPvChfx0F0rk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffeddfc1fe0-IAD
x-amz-cf-id
4Tfy9xpV7kKyWK3_GemHsDIGFMEqH1I-F8x73H3Mg3qnyl-Yf9YVkg==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/cezar-black-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
2e1808ad68a7f5f4999f152886b4963a9e640f59392f73360af73860cc6a71bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4xjnI3%2Frw4sHdiNRnpAaCX2cFn%2F9H%2BvgNR1Ib8Un%2FeaaTJHgJtJYOiJ9YLON9gTW7rn6P5IgURtO%2BmtHdwGlNJvlf8cc6C6HTlH5BY0Fprf6cmXhqLvVe0BZMbcYNsfBQvsxKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe691a3974-IAD
x-amz-cf-id
Wo4RrTZ35MgVQ6a6HvI14taJ_pGKHf207uNTIefDwLZLGhYzHueqVQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/darlan-cunha-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
4f4149b0e07b9b44d0160db3863ddf0a1e998b7f7d581975d836436b4b4eca49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:36:07 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982721
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:36:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUnL7x9oheYc0ooPgTqByF1y76TWxtMnDvZ6%2BXHgNIsbcsQP8YYjdFN5BzEOUJt%2BkFt39IJGaSs0cj%2BLBbAJs%2Fib%2BPrMler4oUVL0XT8xCtJPJBXIqfvzBvcPsaunykG2p4ZHR4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
839551978aa607cc-IAD
x-amz-cf-id
VMcjx38kHzeNQMvSOw_mCzKYNb8aFT-miQhbsueqHKGLp5OR4rgZrg==
expires
Mon, 01 Jan 2024 03:36:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/henrique-martins-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
5f15ce32c4d4615fd46480fa919b2bdd7ccfeeb07ddfa43a2bd61c2b1b5483fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aMT5iCBh2P6clD7BbD3kYGwZzK8ISYAfVwF7NjtXZACGMBD7hoauKpKKtzxS1v%2F%2BeBC2ARHR5D3momwk6aKoaqGzFWnd%2BrHwhPKgCMq3DWPjnn%2BxNr05QL5AsKq3rpGPVRNMA0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffdfe1a9c7c-IAD
x-amz-cf-id
tloUNg8Q-sO9wu3SQVmQDbPTSJ28Klm6cNuZVd9MqwQ0hRmlUDNDGQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/jaquelline-grohalski-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
a70770556b3feb3c4a79ddfbb99768e58a262e5a2c744e922d65fc4612a04e61
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 11:18:56 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
5879752
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 26 Oct 2023 11:18:56 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJKpZX7%2FDsEjyRjRdH5atN%2FPFRSJ1shTaBj1kPGNC9J0KaL3t17cu5j%2FQ%2FF%2ByMLxyQMzFgQeDQZzID8iSJKVpPeMW7x%2BkRbg6%2BV85b7RvERf3vHCtFk3iO4aEWt2dM706umCjxE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81c24d2b5f982d20-IAD
x-amz-cf-id
PLnOdbxA17rwH-9HWs7Yz6NOXZztuCmi7K-RitO2chaGrsobqyrOCA==
expires
Sun, 05 Nov 2023 11:18:56 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/jenny-miranda-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
fe19a0337cbb7bd0b7a2bbc41cae76c2df3b9b1e8942589b6652bdbc3ff12db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAqTTzttxaUp4bBONUNjOLd3QUIlelsrIirbMRxl%2B1z3ik1tTaZuyrM8qMHnWAOVOUON7v0brdhTMDWfTf9IDpmBX3PIZLQ6Y5zyCK6iewZU2dWbOyyT3MYlscp%2BjkrUx0PvoYM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe4c0a28a8-IAD
x-amz-cf-id
O4SLb7t1f1yv-aVsaLgljMrvxJOJ5Cy_ZVeVSOv1QrNGQGJtfkj7Ug==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/kally-fonseca-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
9963f6e3cc68a9488f258ee3814be17f6e48d37176ee74cb864a554eaa0abecb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 19:53:24 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
232884
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 19:53:24 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWq0KL61EVyHW%2ByFj5331TFBftdK0bw8v5mvaaLec86MjA%2Bdh023fx%2Fas05wjkkEXfy%2FU%2FvNBW6m9dlOhthb%2FWbN%2B1IskDMl8v0ooc2MlgtwsnknKPO79ipzW89OszPr0r0tMkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dcd428cddb59c2-IAD
x-amz-cf-id
XDjpqqEPij9TOfqNo9eLUoI4HjTmDrmC5UcBuOmE0WYxqRz7jDJNeQ==
expires
Tue, 09 Jan 2024 19:53:24 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/kamila-simioni-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
5abe8d796c549abaa421b31ab43cd327c756bab9695e8bbce0f31e56eaade7a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CZ1yl8Iv%2F9GzrwLUbjKVdcMvyBYqPyihFsoY2qF4B642PZVQGCm1LpTmklmnOusHoQ5leOSuh1bhBazqPwthtG4zrRcS5lTn2iQqACJqUJVPPJW%2BiGjoBauIWN0Mp9rk1OPrho%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe69d09c3c-IAD
x-amz-cf-id
Qa_LsWtwbcCioiIySch6EayUKI6OGv08JHk6tlMDI4JcMHXT7inmJA==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/lily-nobre-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
003413439cb5fa037d219b2635432a0488e406bd27a20ffc71543973b22ca10c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 18:01:43 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
239585
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 18:01:43 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3nUx4ai%2Fg3QG%2B%2FZQ9WllDMNazUh%2B%2FzNHvrmio6dgudfJPjLGepsRHkx2A%2BisfcSjWkzW1DCGFoAG1dCkrDGgdZTLzTsbb9SChq2h2QfGoikP5BtM0nRLBngvT2l0RII1%2B34hlE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dc30905a6a062f-IAD
x-amz-cf-id
pVXGywkWyUOs6QXlggclJ_wbBIwf3rNMDhLiroxU8b0ag0YJn_yU2w==
expires
Tue, 09 Jan 2024 18:01:43 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/lucas-souza-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
a3cf2d367d36c4f207c93ef1207dd71b196fbffb8f50b78b47bae495ee266ba7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOYLo1wvpZ04j9EH8qzfEPpp3BwXTGEkWmcFXPQzxIxs31BdGivaVRNQCnJgI%2Bk3KsKXhknQ9yKxF3AAdR%2FYu1Phl6RDVBWyxld6aRjAPGjwTVoBCdKNQaP8IG06vC8dx%2FKL0ec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe6949084e-IAD
x-amz-cf-id
uU2Glt3QofliLmibO9Ae-9Nm9WIEN_8ZyNBAjso4W1Z6iDvYSI5_hA==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/marcia-fu-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
8df2c7fec3541500a38d4273e9ea7495225fe2ab86431503df5d866f351f4ca4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:35:27 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2203161
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 08 Dec 2023 00:35:27 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9ZfUxOczeqJ625ZvXvuW5CMP1IyESiiqayxXSM%2BpmiC%2FeBgo2ajZqop6KltZmHzvd0vnQmbZpltxNDEhYxeFKU6gRPRaicw4SQw7jIs%2Blf82NlMAc%2BPKEl2su37FqODc%2F4o%2FL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8320edb22f1a5a1b-IAD
x-amz-cf-id
yZdgwaNqLy7Z_Qn-yH57Ef_vBo7GR_ZEwvwJhT9S2Kikomd0Z9A7wQ==
expires
Mon, 18 Dec 2023 00:35:27 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/nadja-pessoa-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
7713dffabca932ae870e1aad59653270cdfd64f186851dcc0e89774b76ee6ce7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:55:07 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1625981
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 16:55:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48afq3b%2BuldV682qyTBi%2BNukMS8SrPb5hVXdV6F1aCH%2Bbz%2BSFtegLY6ptqZlQcGG9qjSSXlr76pmmj3t2aIuA83K5%2F2rhLNJicIbH41IyUshW2twD5U5EBIiHW0Hcvn9OygM9kw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8357f9025b4a0612-IAD
x-amz-cf-id
GIvWgxvSWXg2hr3RQCT3BYqbPOwWWqRD7RD7vrnhdh-rs22dFeLqBw==
expires
Sun, 24 Dec 2023 16:55:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/nathalia-valente-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
847b69fb54fbe7de0bf6efb3af9d1f458d8632ca866588c4d93e640e115efec2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:36:07 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982721
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:36:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nnKzEzblEj%2Faiy4O37p1aGeWouFMsTEJ%2BjS9h7oIjps3UGY1fIZ%2Fh8KzT8wHEBnsFsBideOwQi%2BwBmpMA8BW8xaR6mtpbAjubk7DdHFjtz5sOXVR%2Fu73ltqyrSvnLj%2BKdJpQMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
839551982ddf57f7-IAD
x-amz-cf-id
PsaBO8W4_ny-z8EVfMpGWfMop21t9Jp65Y0aLGrSYiKMvoLNRwDyIA==
expires
Mon, 01 Jan 2024 03:36:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/rachel-sheherazade-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
b4a6f10015f3f06e90821d3cb9d527a67c51341f52b029cfb034a00d27d2aa32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oHmOfTTIV8uIMqEsrjatBtFFwlxjXUBBUK%2FaMwazQOlEZSvVAd%2BYtjyBamj1O8iySDflI0ZAfyFMiL1eCHB6VGkUe5qZTipfVOiDcPMXJ0OCUM3JR1mlfoSfeLzhbVq%2FJ1wMBuk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe7c6a57ae-IAD
x-amz-cf-id
uKyl0m87ALKR7agI7abRP4fBUJbUmWDxnf3FqFMq_lTSH9hZZKYvrg==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/radames-martins-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
ed721a3c888082587ba404d93a3b7ef77547c78b1e87b8410bbd8d9576fc1505
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jM85DeUFmJ0lRbrG8PulPdHORL%2Bg%2FLE%2FCb4%2BybwZF2Yt%2BUl%2BaYfRJPXzyxtcwhYkOewBd3QdUgd6JbtyOWZ6O8v3G3zLKvJ3qqsBJ7577ZjLUWoaCFzeinPYTzAn3mWHRm9netM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe7fd80947-IAD
x-amz-cf-id
WMgFlfH-6OiW10st10B9rgvKls_oPooo25tIyYyX7A4JYnxquNSXAQ==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/sander-mecca-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
42df22c7b1ffc073e52506eeaa1c4e96a1d2530a90dc6aec4737c24a4cfd6498
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:35:02 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982786
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:35:02 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3OM4J%2FYW4eJLtfDRlCYsM%2Biifplm0eFKfAXVyIIsrzoDvUgRBNmA2MUZCawsMXIsNp4t%2FEPmHxMC78rvCCtqDk9jm4OYHTGM%2BW7p48dWpjxxSj%2BJEP0MrOUzIsGGT2V%2By%2Bv8NQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83954ffe899b5985-IAD
x-amz-cf-id
mcu59NnNvb161c-CMzMe_r3TMOve86MijkqwJ3P0oDzUgc7HM9_-Nw==
expires
Mon, 01 Jan 2024 03:35:02 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/shayan-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
01f0ead0b5f2aba10c679daeed7f18e6070d8cfaa8255423c9da22a893285e1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 06:03:32 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
973876
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 06:03:32 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGbMf0zStVNpSxwXE%2F7N1IS0sw1C1zPILJAddiN9XiBMIEOIldocHOewXFOosL4AM4x4vbzst3yjVWfDlUOXaJhCnVcZHlQWPcYGimG%2Fg01YddZmKeCsYSRrucvCsT1LYHm7eeU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83962988dec628a2-IAD
x-amz-cf-id
DfXxbkYAe5oQ2cNqk0WoUKUQ78hJeiMYyKBN0R2a1CxzPPaMX6HyeA==
expires
Mon, 01 Jan 2024 06:03:32 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/tonzao-chagas-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
ff1f876993a9e941440a6173852028b3432f19be1df5a2ebdbd7d6131a8b1604
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 26 Oct 2023 11:18:57 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
5879751
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 26 Oct 2023 11:18:57 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jehDrgUyMJ5f9GKMKLoLz5uuy3kHDmH5WWFWBJ0ztODpP%2Fekh7isfcBcdghzU92y0iVJ0nDFe1q5HhS0j%2FwTL31ioiueWuW7cs2cMuMbzN8V3gYDOSXlq%2BYsS8AugGaB8m69drg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81c24d2e391481c4-IAD
x-amz-cf-id
HsS1woTkFr4--UMyf5fNuylZgl2u6iooFtOMUPez8U5xv2CQauT81A==
expires
Sun, 05 Nov 2023 11:18:57 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/wl-guimaraes-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
9c379e4510fbb454d5eefc35758f83750f1824e9cffb24e14fe813d8afbffd9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:21:01 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
4007627
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 17 Nov 2023 03:21:01 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeQerXrBwKVsEusDPtjBKsyNthl0Daxhg1pCrK8srtUBWZdkaLifeoYvvHARjwzZxjjsYt3V0kkWMwXXkBSGvDT3XSMZxEdxfBi5RcY%2FEhare0ND9BAJy8fhQnU4WiPOcXdHruI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8274d75aeee98230-IAD
x-amz-cf-id
w3yqwicKj2oDqzoW2U9w9bBJnief2f787Ik65qjlt1KE5E6i5sB9fQ==
expires
Mon, 27 Nov 2023 03:21:01 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&q=1&src=image/participantes/yuri-meirelles-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
62373de6691128ad6c9e5f24fb08d0b8f479fd129412823d1d4d2bfff1e2302b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 16:55:07 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1625981
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 16:55:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqqrMG0imS2wyvGIsD2Yg5eJPcCPj2MNQuZDjiFd8mY%2F9YFRsrnOFB6bghrLYDu35XaqfJOPsUymR4i%2F8RiivGHaXXuZ1KxdO0m%2BK2FfEqObmPpNNdivbO7wNF62U34r2RmC1sA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8357f901de5c82e0-IAD
x-amz-cf-id
YbrW6bMLpuSI3j57nqoWaK0_X7FwkPzIEOQKkoDgRmp7im4EV7o8LA==
expires
Sun, 24 Dec 2023 16:55:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=220&q=1&src=image/enquetes/quem-foi-seu-favorito-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
9cdb163d229f2eb24fc0db41c72a849104b89d480512570030afbeef56fc2f09
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 03:59:14 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1154134
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 20 Dec 2023 03:59:14 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARvXcRCLXUeuCMRlRNiDBXhBaJfyvhkJ3N1O77L0nYqaw7Wg64wWm9jzpwEkZPXXfI1Q0eFHP88MoOA%2BUxNj6STx4NiQV0B6k2sB98pGkPg9SySHMnE6ZHyV5ITnoaM4gLjpTEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8384f8b12a623b5c-IAD
x-amz-cf-id
aIjmHmiQcakFA6fPJe9jn_wXd2Ea_oufpd-3vaZyCQh2e65aY8aSgw==
expires
Sat, 30 Dec 2023 03:59:14 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=220&q=1&src=image/enquetes/ex-realities-quem-voce-gostaria-de-ver-no-bbb-24.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
f4beba437d39a47ef09fcffdc403a170792ffe77b3bd716a0538999895d17ba5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 21 Dec 2023 15:16:04 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1027124
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 21 Dec 2023 15:16:04 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ds%2Brzep1Q%2FNxHP37mSyElsbCWsXL3ZtOvq0mcJ0F0u1DKH6p02JXgHZa3B1SKLkqlLibDCmBC5PKUwrTa3rv2RZTrkLFwHk5FWh3RP4FaXq%2BlssrVjYEf2GUqYcGbR3V2Fjdc%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8391158a7abe3ad6-IAD
x-amz-cf-id
nTzJ_Gy77MiwOXkwmt2ugKXretIq48xlfTdM5F-gbyEPL9DDWV26ig==
expires
Sun, 31 Dec 2023 15:16:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/aline-wirley-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
7bc7f37f61c6e04925175ad3bae04e63dc87643550c96bced48b217cde40a99e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:44:28 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
255020
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 13:44:28 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s7WPKEwIAgfg%2FFsveQP8cjo3%2BOhYKkKHpYXb5siLX0VDFLVfbpHVsx0nBrR63u3u3kcrEDp%2BvUUfQs9uOXDvWN6u907oeVl38OnUFI65iZCyb3B2ThD%2BZxBQ522aWT3lpwEavs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dab7bcb9b80a89-IAD
x-amz-cf-id
x4L9TuS5eju4VyIM-h-p2Af3b6N3bp4ON0XV8aEVOUOQTB_GLfDaJQ==
expires
Tue, 09 Jan 2024 13:44:28 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/amanda-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
8ff4a30392a3966fe5af95652920fef78fbceaa1f6a8c9f474c28af36de5cc08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7635791
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoW6su938hTMiwBkEsW7kK7kNwL1OIMX0XcbInFcCVKDwSCOrzKFMGl7iaCSzqjWuPWCUS151bWiX1MdXJjdfv5bzYMJR7XdMsCchlQIThn%2B5eO%2F1gYNKQ%2BWvn2FoDBXSqn7UAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ec9bd585a-IAD
x-amz-cf-id
NtNOtydPF4gFdmYc3nrHuvJYUuflZ1w5kioe4ky_TQOszx07xjdrXw==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruna-griphao-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
db5f08f71cb73a6d0b162b0e1e87d59d269e83b2ef414c2b1688ad7831340469
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 18:01:43 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
239585
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 18:01:43 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEa8qVRQrq0D7nkkDr3t%2FAvwY6UIkUietmbLJq13iOgyb%2BGWGw1ebYxq8Ry%2Bbb7njRshc5vPEbkCyzzv4ePDJOdj42wx3vIYhh5rEPg24P%2BUmRbAdo8HSOHhkIOYl9fA6sAM5oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dc309098a820a6-IAD
x-amz-cf-id
Yt8hXavy81qKh-QrpTM_0vhGmOLv-SJjA-YySZ5rx9XPcHlfy1Htpg==
expires
Tue, 09 Jan 2024 18:01:43 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruno-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
3f0286b191e52b5e7af22af3a3056958fa411c8a7861ec57eb4d5c96d39314d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7635791
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTiPCkNYb5m8DD6XpBLWTLJ%2BMmm6ReXHxZG%2Bkd2u5juW1Gz%2BkkNMBQgCf8%2BQpmQsQJCT8ofFu0T4vpiiWUqYRyKpJto0qSGBLZEC6X78tAxjFe2g1%2FlJfOCYdFCfk%2BtAVMBDsf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ecbef81dc-IAD
x-amz-cf-id
zv5bHiOwoDely6t8wK_D6VMKYAS-6SK-haDZQ9kw-3-Q1Tt0VwHKFQ==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/antonio-cara-de-sapato-jr-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
24e9ed9eab09216ff15ca9714caf4c6334d318b0997bcac6e72c5029d1d93f43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 02:30:10 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
209078
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 31 Dec 2023 02:30:10 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWmGciRPNmpgV%2Fh0zl9vfMGLuT8HEM727xeP5cGVrA6iLQpeYyFO7HgS7LHMVZ8QKkJWxdhEkldP8ffdQcqhty59dml18mZs%2FD1%2F5k2%2Bb8413pQ5PdB6ee4kEr%2B3PgCxX3bImko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83df195cce9a3b11-IAD
x-amz-cf-id
VWIseGAuvaiiu8xnjncvuOUzsTJ93Wyn6FBAee0OR6hJ_uHnxFHbaw==
expires
Wed, 10 Jan 2024 02:30:10 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/cezar-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
fcb980cc482294d0f1928229f4fc4a4856efa5bee2c87fdd339bc2c59a81e71f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b05s1vFS1NO1TD%2Fh6p6eKLMJpMQe5Afw3IsSNuTdIBzTVobdO8jMffCivR2bg4Q5c4haIpiqx9U2GPtRFm4L9e%2BDKrmkUXqXwiuaxXgUd%2FiSvnhbgxOw2vw73fW3aeURPjXgDWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea514da0571c-IAD
x-amz-cf-id
1-aNxYeqHGrSROvZ06c4WEf4_N_dt11jR19ts3okHahc3AnxD1NQPg==
expires
Mon, 08 Jan 2024 06:16:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/cristian-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
f23c245ea5a38f63022aa074a4ccfe104df9a690d376460dc2562d63dde4b820
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uboML9%2BRFvFC5veDbejVVruuWVtJuq0oeSb6QFCIDLw6PikbuKB8vWv7nfUOBbvuI951zZE%2FvmnpKm2oQI%2FdKaNqsQF9he3RB34pyBbEfkP5nlb10My5hbML1kIXcDiez231Rk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea51c9712419-IAD
x-amz-cf-id
9tfstT9ZZ3MiUFXGXWZL9lIVknJ64_mmkVY0pBxrbQcjlDbAghdf1A==
expires
Mon, 08 Jan 2024 06:16:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/domitilab-barros-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
b4557d023216781e0a1d45405ca1017817151a258e852f439f870ad6a9a8ac17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 17:13:45 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
4562463
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 10 Nov 2023 17:13:45 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LP1J407wmqJ0XlhcTY7kVKwOPtUl7Dt2Wexx47j4d31ObCnjKOinBNa85cmsrEBGMeJrj%2FnJ61Twnra672QCvRvxriyA4KS3tT0uhrq71TXvsqqWqkrOZE2ALLkpsg6y5QV7vNs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
823fed892a882d13-IAD
x-amz-cf-id
h5x41gyGZj4-m1kB85l2cltF1kts7fJWlwA3-xFFPYT9OJ69vZk3EA==
expires
Mon, 20 Nov 2023 17:13:45 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/fred-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
94971ea51716e2fb012fa588c909d8c8794be579262c28dd668a1dc326e5768d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7635791
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4kCBLXPtX5ni1vflzfPz21fExBT8oc84ujw8K4cXAHbeRecB0w9Sam3s7i%2BpyK%2F12Jh%2BWfrFVAoRj4LJCMArv6HS9Jys0zhgz3vmAD6H5JFxP31D%2Fyyjv%2BEtdFTnNwGxrOQuX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad5206d8781dc-IAD
x-amz-cf-id
RhNdV8OO9Fde50uku2toeNMn2m3WBqtrIx-6rrUyOL18lTeUoD8_yw==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/fred-nicacio-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
2f256611f838d74f92a96fe6469e05ff8dd9151e38a12d784cdcc7511f3938e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7635791
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04NqhNTWbGdNNmzhW86To3XghmdmtvvYiu9xa2J5O0pWuFerIwaUmUkYOuKu%2BwLXXF4%2F3X6qKruz5%2Bat%2BwSPmfGie4bu9hloPOp6oeyi%2BfpeZooUum08pFQh1aMFHu84saZSZoc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51f5ab5073d-IAD
x-amz-cf-id
MLuwUsZMvilmK1mNAkwzlx4l1zXIOFQPRkA32VT0kXcDpyOU6klE1Q==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/gabriel-casa-de-vidro-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
64493b7677f4b236fbcbed15196c5ad541766733376b49b2d737a08869a07704
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:44:47 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2566201
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 19:44:47 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXGXimGfQPoqLKKLBqF74MNVtgSLk5nMwI0wibFU90Nh8rnw3yHtyMLNNityeVo3avNlF815IZ%2FzvDloh3hj2PZTRfhrSFrpyEmf2IGYk3TnsoEr0StYDfus%2BrfXYtvUaIsFC4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82fe4e660ae52f24-IAD
x-amz-cf-id
j48PIL5igYTJ1kBx7ehRxYXeikMlY8OlEqi_hF_RT7P_-67k1WDuzw==
expires
Wed, 13 Dec 2023 19:44:47 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/gtabriel-santana-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
34419ecac23d0389a78f87d82543d68177399ad204ea5f0fdf677ee51cd1ef1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:44:29 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
255019
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 13:44:29 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFnA7uUY8u29ZfbgpWqmZhN2f%2BELd6UW%2B3VLmR4vV0AlJju8liTrlEfXhEBTuTLCKM5is7%2BjfwPQi%2FacEQTc8%2F5%2BRW3EKjEZEb2tkewbIZmOW3DC2JiyeNztYNaPcL4sMhBqcUA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dab7bcbe9282b6-IAD
x-amz-cf-id
dPINtLMjXJYtbY2cGpfcIpAJKDoN-n7_zz95MjbYSqOd7hj2IqXsMA==
expires
Tue, 09 Jan 2024 13:44:29 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/giovanna-casa-de-vidro-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
86acc3626551a828f13f30863d1bf5a88038ba81eecf5425d8f5e30e24702005
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 23:28:12 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
5317596
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 01 Nov 2023 23:28:12 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0tpFJxUEx59z5i4cvin39%2FCdEq9OEyjAkmdQYJ03VJuo0lguq4yCCiK9awFfCcRleRwNOqkeNxDGlRoTAW%2BMKhMkYwQiylZD2Y2aFrcfPOQQLvCKxKZXi9qRKZDVQSKWnTuUbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
81f7e9ad9f0429b2-IAD
x-amz-cf-id
imRJ07y9pd_RGxo5vv-2UI9oLJNFJuIvnyfNBR3265o_xA68wicytA==
expires
Sat, 11 Nov 2023 23:28:12 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/gustavo-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
2f1e52f6d470035f5c81553858e7581636a3079bd9e85a6107737af4badec51a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:54:41 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
963607
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 08:54:41 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jh3dw7xTlpfYhXMWJKv6btV7gT0tjQjlq%2BB5P1%2BCJnDC0dP8ThBCK2XmGkxJPOmU7dYQFsdTm9Zr2o4ni2ku7BS4PHmP%2BIR5qbt3ss%2FJdShU%2B4YpyKsyKv5pl0cf334l3yuC7Zc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8397243afe0b3b7a-IAD
x-amz-cf-id
S2Wp-DCHsAMtqQ_uVfdPqUslQz3rmE8AogmPg8n0nTAwwG5lnDUdsA==
expires
Mon, 01 Jan 2024 08:54:41 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/key-alves-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
4601a643331e142e3a4952eb54b66cf953f1dfad9b13574c5b5d47a069d949b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 20 Dec 2023 06:58:11 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1143397
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 20 Dec 2023 06:58:11 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6cs465w%2FMhWjwBHBRDyCDF5rCxDY7rfpnd%2F19OWt4z4RJnI1Wkg4XO4%2FfmhWWiEr5bqCtkzRdIMBz%2FYGUgn2ZcV%2ByG42N%2FK2LjEUdL%2BCC0wCcllrkZBrYDX4re2YI%2B1yGQqQ44%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8385fed58fb19c2a-IAD
x-amz-cf-id
5tQk_h28e2Y0VpjZD0iXnQficDAMKpwbENBmybCAtui3mhWX-ZxcTA==
expires
Sat, 30 Dec 2023 06:58:11 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/larissa-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
9a03568e65e089a8d0141da6371d935d35b6ea13a8c5af029d9e4e32c6233f3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 08:54:41 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
963607
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 08:54:41 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvd7mae8gDdh30kz6nDPhijdrYVsyc2BYVjMafSDYH6lvR%2B2qkXXUihHnEILCOSXmTasebbsMn0QrAARN%2B1uC%2BLAVcUxc17DZSKHKXj2buQsk1VWRhcfCGoGl7XhOB9O4GASwkw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8397243a8b082421-IAD
x-amz-cf-id
PX91Ygg8i352wUxZGIKnOcFcKkkQYNF5D7Y9oiys1ebGG-y1C5qMDA==
expires
Mon, 01 Jan 2024 08:54:41 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/manoel-casa-de-vidro-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
763621a0d305c29ece369ed561eaf469c8b517172996290c6afe2c29838ffae3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1674175
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCG7mAzacd9YzTVqQh362ubGUnlzTgHKmcQZRTQSznSCBU9caRNzh6heUACJI%2Fpld5MbPzV7Ytfr8%2BY5xTxtpS6rziPBwVQP3qkhn5Eptq2Hm1iJmtp%2FvSHmKLM8AqsTRn2vEWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83536060ce796fbc-IAD
x-amz-cf-id
tZSy-lfBiJJzI3C8sPssWmBKSclu-QnFN-XkrAH0nE3KUjtOwN-zkg==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/marilia-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
dce806794f0ab48ebc35bfec3556e08e2835d052e96a759b4b7b8140da78b7ae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihNdKcd2cOvauMi0wVAxYrSGgE7WIqlGeiEmvnrlDmiI0AKwwes8TgyhCKdLpKupBHoWPq5uZCQ8BzTaOq4EetKOqxCMC%2BW1SzNAMTn35Yu7Kz%2FWNH%2FGExrm6NTpwsFTO2NYeTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea51bbe79c5b-IAD
x-amz-cf-id
DSHqGjkuOKqHD1rUGLUvfABosBPdZBBJu9gArDPI56gktQ7c5d_mqg==
expires
Mon, 08 Jan 2024 06:16:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/marvvila-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
de4451c6eb4c78b702515388d134d0ba0ad41aa18e3388f1a592b87cd9cb4f46
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 05:47:41 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2530027
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 04 Dec 2023 05:47:41 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJPMkU88%2Fc63n1JasQXzbmUDJC%2F%2BMtF8ZZGra2q0NRGj4yq6WJn85sFYtuBSDbQuZtxAKQHduTlgrAnkbnAbb7gcRlwIi2jRmFflUZVbZOJj8Bdv6Y5ziqdid45ozt1tqFH7%2BlA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8301c191d90a5872-IAD
x-amz-cf-id
0IKAZMCZoaSYxxlwPgsSt7hvO_83yXVtFARnCiemkayzpu_5l-9mCA==
expires
Thu, 14 Dec 2023 05:47:41 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/mc-guime-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
beecff1ab9cca2203c9e18df18f3146c174efdcc8ecebe6a5995a9a3039e973e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 00:19:48 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
5055300
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 05 Nov 2023 00:19:48 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB8SH22vD0wPBt8XjBOShtucHk70unP83bak%2FHPLaXVwZQaBq4KbKcqzFSbppmK09pZiREDJTYT494wKZcVuhzQ300TB79hfWZGIGzSLQmFazm8d9pYl%2Bhs85cYluWrwKj%2Bj75k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8210ed64ace8819f-IAD
x-amz-cf-id
XpCIpCO9ZLFjxNrZ0H9gEZotbY4YGsP8vhrQbPIJV4ivu_kY0jum3Q==
expires
Wed, 15 Nov 2023 00:19:48 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/paula-casa-de-vidro-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
347c1aa4c3fc3dfe7f611d1f237b919e6e500e0c5e582920d380d8d5b5787e4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2601524
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FThiwEWlgWtcrOwnwXSYb6%2F81E5g3qZzMNSRfjpC%2FWJZrYOI0oJSCm7VR4uq9QS%2BDzKko7SbHANbu%2BkfYN%2BXz2Z0XEIcUbOsEb2scX8EKcU0rVwflQoGeC76OEFcqQYT2MQdB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf00889642060-IAD
x-amz-cf-id
zM-IXd_NqSn35app13b3I_5Hxjf1qSQb8c9fi_1K4e3Th9efZWioPA==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/ricardo-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
3de9f5231882b16bddccb492d140b88a3b7b2fd80d36c3f9d382b821779515c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQFVYtwAm3BdtsEZeQd4R0IhFZ3fl9DFB%2BeA4Qa%2BHYhvsNN55WRJYc2YIxgUms19mHd%2BoIw0PR5MwPKBYfKCwsXlGLD7d1Z1c5%2BAkBKfEkhy%2FGpRtheRyj3ANk30HkxI61mj2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea51b9512d26-IAD
x-amz-cf-id
wRDE6GN3mhKWNuXjo9z1NGMdi79KxflGmIZXDe9yV1tyQFaKBDPumA==
expires
Mon, 08 Jan 2024 06:16:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/sarah-aline-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
59ba03a159f5d0adaf5cc34aa67bd34884b8fab72a1e351b296fb2308f77de58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:44:29 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
255019
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 13:44:29 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSvS4XMzkz%2FxPObLyghHngXsEkkGO49nJPbfolxvVBtSovs28gGc2A64L56nrqm4Fa6RojxTx%2FkSzV7mcJYDlclImUQ7c8t0gHtmNZs2lEx%2FtTvPO6kWLM7I%2FtMQaQsidBPkKlA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dab7bc9e222417-IAD
x-amz-cf-id
DpNpIsxOrQhK6ASGVxnkj890eBa_ucvIEuEVQMkBY8UDPIzak6BepA==
expires
Tue, 09 Jan 2024 13:44:29 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/tina-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
9dd5584140f2ec5ed5c5f39b20ba0800c742c6a60b621c97d972b4239fc6b1fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 10:33:46 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
4759262
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 08 Nov 2023 10:33:46 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtuzqxXszgED408NsIf4TPlsEM0%2FZts8m2%2B%2B2Oavtua%2B6J41GCutXxJN5k8Aq4sFshSVAV%2Bh2DGookdeDHkiEqkWpI1Rjgf0PzVp6AlRGwqWYCjC%2FsM2L3FOYLby%2BpjuuD8Zfqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
822d28e0cf64818b-IAD
x-amz-cf-id
gcoRxs-N58bRKpgXxK_ro9Myoo5xlChxlaHHA6Nk-InfeXkwqAVAeg==
expires
Sat, 18 Nov 2023 10:33:46 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		334 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/afazenda15-confira-os-famosos-cotados-para-o-camarote-do-bbb-.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
8947dad051b2d1e94e13b891490a267a7921292ec30e3c718dc7fe6359df5155
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q16RbOmZR4nT64lljvGqTeLK7LiqATWLXqDVlsaN7I7a1BZpxWEfkBhgmBeAz6wYGf%2BL1nEDSITRG24iXEyiq0Uh7MNkt1IKajZXlnAYFLiNtk6SXs62KSyX9wiDVz0htaA%2B7Y8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea51d9ec20c4-IAD
x-amz-cf-id
QmE71Ne9Mu_8F_pHTaKHCGIy13O5LmIQZUceQipHELh2cjxLS8SJrg==
expires
Mon, 08 Jan 2024 06:16:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		334 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquetebbb-bbb24-ja-comecou-saiba-todos-os-spoilers-do-programa.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
d596ca97514cd5cf329cf62a215ee08a23e52bdcbf7880be0b2d453c9c28e4fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:53 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1674175
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:53 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5yZKuota2TfFXZQBE%2Bio%2Fm60cv4ZwkpqD6br6AFo%2BAzYcfHGWRzOsiq%2BdyRDSxwWKd4me3uEaO1MWEppGEmNBK368E2A8A9T9G2U89xnJnJPIPzswtHVsL2FhTfWBFfohYdoAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
835360608d9456b6-IAD
x-amz-cf-id
BuHg0P5VGxToGhYp-0bAtU5wlKJ1S_EW2gRyvmv0gBRyes8i91nugQ==
expires
Sun, 24 Dec 2023 03:31:53 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-reencontro-de-milhoes-domitila-barros-tadeu-schmidt-e-sarah-aline-posam-juntos-no-the-town-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
cb1ca001c0178df972a6c5c5235a80208cf54d572682e042bae85456b5bef5cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:44:28 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
255020
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 13:44:28 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbYW%2BcWNPGP8AEYp1St9YuvPuXkOzhU%2BRCT3W%2Fc2gYDJ7E3KDPaGBmcj2UJ0ZMIxWNs45dfo%2BYjIZdr9Ut%2BPSp%2BxsgCmDcHw7nHekjPwySDNkEBZhuknL7u%2BtAkai5AM2zMZdqo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dab7bc98d39c6a-IAD
x-amz-cf-id
bI7JOUT4Gnv-JxN2gHKRHUyDJV6mTKdoG0F57rOI9Lmg4QNk7nJv_w==
expires
Tue, 09 Jan 2024 13:44:28 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-domitila-barros-rouba-a-cena-com-tranca-ate-o-chao-de-170-cm-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
12b9cd65f98d1ffaf02a4df14d27d10be674d9f5888cc2b4a89466ec0b45ac6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BExWmvmU6fglirO5UtjQgA%2Bef4ik0UjX5Nf7y6pesVlPeS8Diy0a6%2FQNzAygpaW1WQM%2BA40gVv78GVCOlGAt1Be6swFD9duavtqStXk%2BUQYX1Cf2QVNIWa0mZEp%2B2JTZe3Ii0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea521f930aa1-IAD
x-amz-cf-id
XF0vq7MO-VFBmvPBHZSQtFBETNMAGctSjQ27fWwBO2oty4obaWaa7g==
expires
Mon, 08 Jan 2024 06:16:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-bbb-para-sempre-ex-participantes-do-reality-se-reencontram-no-the-town-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
182083c2af568f88138fac088315f89acc4b94866b0c423ce78c04e21e14f857
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 19:44:48 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2566200
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 19:44:48 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdeG3HW20ulKDipqDXlcsIwlJT4%2BYHy4wtRJX%2Bf7kixQXIPnQmrPPFpLdUlM%2BuAmQvfgBhaZwFJjuiDi0YjACPaXIIAY22xZzqhy%2FBY%2B5%2BUfLxfI4rJriUHkbrkCaZQffZLz7%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82fe4e6e78049c24-IAD
x-amz-cf-id
aKKgAWXhlfXhP2bfGwghO74RZlkbG9156VH9clzZZVlPATTxqXuhYg==
expires
Wed, 13 Dec 2023 19:44:48 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=355&h=240&q=1&src=image/novidades/enquete-bbb-novas-dinamicas-na-votacao-do-big-brother-brasil-no-gshow-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
890d5eaa10e9bd7b67de7279581e2fe6a2b1c57c37d7baf47b9ed9a73c111f88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTByZuQUCVxtj0gSYuWww4tPvGiWZ0%2FXvkixszVCRtHaMAT0GJu8IJXEc9XXqpJhZwuZ0V4d6qIb%2Ftzyi9vg7UCmmmgDpV5c9QLGaiffnru9V2dreyvRoBVToMuD%2BnGsd7T%2BGRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea51fee9058f-IAD
x-amz-cf-id
vSVJwsQZvvhfA8YM3ai2eYnlkRz2Cs09a4nJq3tmLH_CAj8D6fo9Gw==
expires
Mon, 08 Jan 2024 06:16:37 GMT
new-logo4.png
app.bigonline.top.enquetebbb.com.br/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.bigonline.top.enquetebbb.com.br/image/new-logo4.png
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.225.224.10 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host04.mezzor.com.br
Software
Apache /
Resource Hash
fda9ef9d3fda898fc315283504eb0aeb8ada64df1bda7e2e11165f28f59c1fb6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
Apache
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3613
expires
Thu, 01 Feb 2024 12:34:47 GMT
bootstrap.min.js
cdn6.votarenquete.com.br/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/bootstrap.min.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
807e84e1168b4e2f461467a2d2b255f8947e8dadaa269e66bf561a7c0ff90bde
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4828672
x-cache
Hit from cloudfront
content-length
9922
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIrq580YcApz%2BysWW6PDxA32iew2P3ghVhF%2B%2FGiljO9h4N7Gr%2F5yXajtr%2FFsO%2B1iXz64POVDH%2BL%2B7Z84MmnrgMF%2FWDNDyWoLXOAwZFzZQsbJTJOHMxH8a%2B5zR2b6FZHs0y2ghLI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4beba382c6-IAD
x-amz-cf-id
z0-xpabnxz3jiFUfkWsSOIU1GidrRRdTTlF4DHCAmQPfygtWRRo7Cg==
expires
Wed, 06 Nov 2024 15:16:56 GMT
sweetalert.min.js
cdn6.votarenquete.com.br/js/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/sweetalert.min.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 15 Oct 2023 11:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
6830849
x-cache
Hit from cloudfront
content-length
11868
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5MYW7DtVBiT8Md7p2Qq9108cBPk3W3rSwrwEmXyuy%2BNaiGgSn3y0MRE5B92%2Bg1pUAd%2FSRP1Av9xFLbivwgFEbwqVEMNLjx%2B0TbbOyLsnDy6MYKqYmJzXsJw0rrn%2BmE75OTABMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
816799074950083c-IAD
x-amz-cf-id
nl15ddPvsj0ESNDGRScROqOir7nAsDOvgLLfOCrs3Zo6Yqiladh5ww==
expires
Mon, 14 Oct 2024 11:07:19 GMT
swiper.min.js
cdn6.votarenquete.com.br/vendors/swipper/ 		94 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/swipper/swiper.min.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4828672
x-cache
Hit from cloudfront
content-length
23609
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iK9X0D5eD5XyG1hnX6mOexpUiogaeR756gvb5bEg85IAggfGylHdirx69soGRkxzAs123sBvGjB%2FWaSfwBrsnvjDR1PUKqvq1wRp3HMmD14nRHVSJBLcqBHET61RUPx5tDfpS4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4c0bb65722-IAD
x-amz-cf-id
SdPirusG-wVLFsdReHAN55ItpUx04JHoHhYqELyUIQLMEzyGhN_wdw==
expires
Wed, 06 Nov 2024 15:16:56 GMT
nav.js
cdn6.votarenquete.com.br/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/nav.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
732675cfccf977f7fab5b4cc351efb9fbc17a868da78114b484f80b0d53fc281
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4828672
x-cache
Hit from cloudfront
content-length
1160
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntdLjegJygmPiZ1VVkj1fbCy9h1ZrC%2F%2FlUhUWXqwHnC01nLYyhb%2BV7Z4h8w9EGQDpD2MYXOVpjd6XYWkZ37BEpFujIaixBZqvEcPI5c0SZhd2t%2FSYJi%2Br0OQ6s6ZhqgmTPUBJgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82268a4bfff17fb5-IAD
x-amz-cf-id
AfS4wm5G5vvy43vtwnYVh6FDuqpbZ8AouhDCdKpAN6qiJGgYEXx4xg==
expires
Wed, 06 Nov 2024 15:16:56 GMT
owl.carousel.min.js
cdn6.votarenquete.com.br/vendors/owl-carousel/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/vendors/owl-carousel/owl.carousel.min.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
7636597
x-cache
Hit from cloudfront
content-length
10975
last-modified
Tue, 26 Feb 2019 15:23:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BABVv1Qdcc9Xb56l134pmGffVp8ttrkJJZQSN%2FzW12gurYuC6ppheDLp%2FxhTEj8etuNjurrjB2sHXC0HVxnpFbpM6DXfeytLC4IEJ1bjeu%2BrhpiogkE4IaYdGAkX8RDe3g5Q7aI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac173ee575a10-IAD
x-amz-cf-id
hUJmQHi9O25EULyeTIcHBwFVMYak808uyjjBoQyDTs6ZcbikYYbMTg==
expires
Sat, 05 Oct 2024 03:18:11 GMT
plugins.js
cdn6.votarenquete.com.br/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/plugins.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
46a0243b7af18e28661c127f50884b9ee8c27181051f62bd70d8b3fe67e207d2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
7636597
x-cache
Hit from cloudfront
content-length
989
last-modified
Tue, 26 Feb 2019 14:59:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiZgGSvxWH6RmiWX3lS88hROm443MnUf0ytXZx%2B3kzzzxs%2FfJdUNgmEaKEgQRDalQwgvYMdb%2BjfL0yTJvEN8mlnM6ziNa3Y5%2BVYeJ3R2geJT%2BuqsnbkSorLKw73mars81uOIhGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac173dd0a20b1-IAD
x-amz-cf-id
otX5COXCZHTn8JEBT4X41LoKeZ2GpVvEJS-V43cYlpCTZFzF2oem7g==
expires
Sat, 05 Oct 2024 03:18:11 GMT
custom.js
cdn6.votarenquete.com.br/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/custom.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
b77e8da8c14b84a8c0b2a906b58c45f821bb7f25b5708a13b55758790cc8df35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 07 Nov 2023 22:34:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
4802422
x-cache
Hit from cloudfront
content-length
1474
last-modified
Thu, 10 Oct 2019 19:41:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2ZshOsi2IFNsiHsGd7GM0TmS1RqYVwfFcVkgZSwGkMUpsbHVllEzcn7FAX5emWl%2BH3qqLG5%2F3iPRdA3r%2FkUk6sLHTh11nxgAYwF3q6zopHP34%2FtwwqDgJbsliajCnD9NjW7mnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
82290b2dfc047fb2-IAD
x-amz-cf-id
uwFrjEUjuBqpVwTFEmh3rKlOQ6L7T09l7fSGy4rQLAjTtedki8kBzg==
expires
Wed, 06 Nov 2024 22:34:26 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2489
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f309c70a6d4bd5-BUF
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 05 Jan 2024 12:34:47 GMT
smart-app-banner.js
cdn6.votarenquete.com.br/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/smart-app-banner.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
b250ef39399eb55f93d850fe15561b82c2c296c7046e9d6690d7d2f95789caea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 21:45:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
6706159
x-cache
Hit from cloudfront
content-length
6722
last-modified
Tue, 27 Sep 2022 17:46:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhtHmzNS2PKVEsizN5T0duSyK3587cF5VgisCelxrmxk4mkh2UTApWg1xv1hr2plJLoReM0fWPeU%2BYOCTRcSj0ntwfRIrmdQADA9elsF2vUzs93FzTUcXAwEcqywIluFWG1lJVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
81737d39cfc93940-IAD
x-amz-cf-id
fAxe8XDP6GPnpTv08Pw4fpE-KfMspchIuezOMB6vQoNG2c_n1YTxIg==
expires
Tue, 15 Oct 2024 21:45:29 GMT
49fd207b-10c8-4894-9b57-08d90e6f6fd7
tags.premiumads.com.br/dfp/ 		84 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e4f6d84d12af33e3f831102084bad06cf46d8d3d05d471cc00ecc7ef8594833d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63530
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
cf-bgj
minify
last-modified
Mon, 01 Jan 2024 18:55:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D3Ggz4b09%2B5JSTiPBnKZhjHfIuIFAxrTqadzt5Wo2FZHFTPbcs0lYXcwS6T02Yv%2FARQwGRAtQTsbCmAqho4%2BjQM2yh3O1a1xsF8rYKNuAHLitV2Ijy1%2B5qvw2HDLNgUvi6QVMQQhXtvyP%2FWpw5fvWPQP%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
83f309c71bc14bd2-BUF
lazyload.min.js
cdn6.votarenquete.com.br/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/js/lazyload.min.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
7636597
x-cache
Hit from cloudfront
content-length
2145
last-modified
Wed, 09 Oct 2019 00:06:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S4hvjCnNcFAj%2B7TQ%2F%2FtU1QVH1FTh5KoxyhbbrPm%2FEjOAV%2BTM00B5KLEaX1sczzqaO9eMKlP3uruAdlpAZU4BaYwDcf8Jd6x3s0WjdCFrhWEXwo3AFmjV2Idt2Rl11N2QJZp1UNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
811ac173090a0802-IAD
x-amz-cf-id
5SFGsHPa2mTyAbkAWDJWK_DP3GQFxBJ5bjLg0g_DpR1eCmKojcKSQQ==
expires
Sat, 05 Oct 2024 03:18:11 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6330018069195839
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137920
x-xss-protection
0
server
cafe
etag
10942279955400410868
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:47 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 2058 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6330018069195839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
50029
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 22:40:58 GMT
etag
5585625838579639069
expires
Mon, 15 Jan 2024 22:40:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		238 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3aedbdf902d674833e0b165aa379a3ff8d2100f1576ce2c4e4badc93723a11ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84218
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 12:34:47 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 11:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2578
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 02 Jan 2024 13:51:49 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd74d38d22665a19ec2e9525c7d953251dd7a64946a14ae3e0a25d8a71c880b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72435
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 12:34:47 GMT
js
www.googletagmanager.com/gtag/ 		194 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112625574-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d57f50455c15b852891afe3e3d88e594836d10fb6bf734af5480e331e1fda10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72460
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 02 Jan 2024 12:34:47 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 18:24:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
65426
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 31 Dec 2024 18:24:21 GMT
collect
analytics.google.com/g/ 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704198887443&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1513113727.1704198888&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1704198887&sct=1&seg=0&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=992
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
268 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RQSNYVQKT8&cid=1513113727.1704198888&gtm=45je3bt0v9135313823&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=826802263&t=pageview&_s=1&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1420598024&gjid=700355992&cid=1513113727.1704198888&tid=UA-112625574-1&_gid=1831643438.1704198888&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=736058935
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=826802263&t=event&_s=2&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=URL&ea=app.bigonline.top.enquetebbb.com.br&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1513113727.1704198888&tid=UA-112625574-1&_gid=1831643438.1704198888&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=160636585
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 22:10:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51866
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=826802263&t=event&_s=3&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=protocolo&ea=https&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1513113727.1704198888&tid=UA-112625574-1&_gid=1831643438.1704198888&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1745833002
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 22:10:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51866
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=826802263&t=event&_s=4&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=regiao&ea=local-novo&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1513113727.1704198888&tid=UA-112625574-1&_gid=1831643438.1704198888&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1239444537
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 22:10:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51866
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=826802263&t=event&_s=5&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ul=en-us&de=UTF-8&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=servidor&ea=67.225.224.10&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1513113727.1704198888&tid=UA-112625574-1&_gid=1831643438.1704198888&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1870091268
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 22:10:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51866
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704198887845&cv=11&fst=1704198887845&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
091f904c37ce1d020c72330376797bc475f6f50969fa49efafdc474df3328d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1253
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704198887855&cv=11&fst=1704198887855&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dapp.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e655d3e35382faf2c38e5e62debebb2b3081dc22d19dfccd6df871e4c93776a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704198887861&cv=11&fst=1704198887861&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dhttps%3Bevent_category%3Dprotocolo&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eeadff4c682623d1cd12f60d7d620011353d20db4ad1970a9f8dbd16885ea2b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1264
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704198887868&cv=11&fst=1704198887868&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e38543f876939c7f65bdb621d90f583f7aec2630b4f8ec29384c4e304b13810b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1270
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787761210/?random=1704198887873&cv=11&fst=1704198887873&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-787761210&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84db822bb001b2f43a9cd40db01c803168cad26b89be3c740bc8dec1cafcc063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1273
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704198887890&cv=11&fst=1704198887890&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3d405e4cee91060ee3933df68f542563c72f28da14e30b666d8b87f8dfe78949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1270
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704198887904&cv=11&fst=1704198887904&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dapp.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c2279c3f32586cb1a79d9a7b25ac4e04e0559ae77705bac72b4dfa1db29de21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704198887909&cv=11&fst=1704198887909&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dhttps%3Bevent_category%3Dprotocolo&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b28bb4f6c1233693a4e891fafff6bda6a26fc0b75440238774babcdcf068146f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704198887913&cv=11&fst=1704198887913&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed1f1280767284ad2052156ac8da97e432a076a69dbea400af6ed0077cb26978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1286
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10985823641/?random=1704198887916&cv=11&fst=1704198887916&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&auid=521350832.1704198888&uamb=0&uaw=0&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10985823641&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6168c03ffe3f1dc89480d5182c3afd390a66315137a9acd5b233483e0b4fc94b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-112625574-1&cid=1513113727.1704198888&jid=1420598024&gjid=700355992&_gid=1831643438.1704198888&_u=YADAAUAAAAAAACAAI~&z=127081973
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 02 Jan 2024 12:34:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 36A5 		246 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&adk=1812271804&adf=3025194257&lmt=1704198887&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198887598&bpp=4&bdt=180&idt=360&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1382143617713&frm=20&pv=2&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0d021c949fbec9adc0ac9b984ec89334613a28f1b92c9409f71a4a2bb1fe07f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
61373
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704198887855&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dapp.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_XBkP7RZ2pMhkU2dK95T--WWccQQaEw&random=893291414&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704198887845&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ZegDC8CkdGBTq9aN6xGds0hIjogRSw&random=1077690160&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704198887861&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dhttps%3Bevent_category%3Dprotocolo&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_N1PPlGTLYMFnVaTyJSAr_IkHSxbgwA&random=850729041&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704198887868&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ERADYo5Ma381iaG1A4ri2YfvG6TMjw&random=2059152844&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787761210/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787761210/?random=1704198887873&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Zlvh5RGM09dO7vuM3CftNgp4g9hLkw&random=674707998&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704198887890&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_rDAEdgbmhoBBANWoWip0mtTgtCoI6x6HiTBWXF4yxB9H1Kbr&random=3807554657&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704198887904&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dapp.bigonline.top.enquetebbb.com.br%3Bevent_category%3DURL&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_ROlEAvY8llcQMm-hechpo0nl4MiaMhFqQBXaxEAH3qCHerrq&random=3080067278&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704198887909&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dhttps%3Bevent_category%3Dprotocolo&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_2tyrNaPwcjpMYxvqtUWzDUnSDFvoh-guF6FDVPrREFR5l_Ep&random=4066529761&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704198887913&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3Dlocal-novo%3Bevent_category%3Dregiao&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_BPZtmQUXWSv99nmmwzUsuB-9xJkqXFP2n3LYzEddcXenZL2Q&random=1598712030&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10985823641/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10985823641/?random=1704198887916&cv=11&fst=1704196800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&frm=0&tiba=Enquete%20BBB%20-%20Votar%20BBB%2023&data=event%3D67.225.224.10%3Bevent_category%3Dservidor&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_HehQz5HoMNqAprZbIPrTMWDT-flRtChyqwTKN1u0rRqBByWV&random=1094345380&rmt_tld=0&ipr=y
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-112625574-1&cid=1513113727.1704198888&jid=1420598024&_u=YADAAUAAAAAAACAAI~&z=2090202020
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae64813d3c5cf8a1ae3304ab6fcc80b28a728296984e4289c64aa6d630e06bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn6.votarenquete.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:26:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:34:48 GMT
css
fonts.googleapis.com/ 		22 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69a8bbf88282d2cf6e4f975cf238fd71adec2a5c98195bfb7a9a86d888b80b79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn6.votarenquete.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 10:34:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:34:48 GMT
home-4-shape.png
cdn6.votarenquete.com.br/image/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image/home-4-shape.png
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/config.css?v=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
a358b26ef00f7e937fd9baf7269222496202ce0eb3f48614b40de678b3182c7b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn6.votarenquete.com.br/css/config.css?v=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:14 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7636654
x-cache
Hit from cloudfront
content-length
6051
last-modified
Wed, 27 Feb 2019 02:22:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQH9%2BmZGn7rXDbOivwEhZj7IzppflG41nlQnGdDutC0t6krDswL2N8NRTIaBpA56JQ3liuLQ88F0ybiCEddJJdxAoxQVCH2qIqzdDRwqn%2FRl7Q%2FFoBXtJvzCE%2FLqljyMq0xfqnc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
811ac00cbe202042-IAD
x-amz-cf-id
nKMPkg07JsLSzj-uFUsKP4x7O-sbwL_bzLiBZb6hHLgLfe7ONnCycw==
expires
Sun, 05 Nov 2023 03:17:14 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 19:41:38 GMT
x-content-type-options
nosniff
age
579190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 19:41:38 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 02:33:35 GMT
x-content-type-options
nosniff
age
554473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 02:33:35 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 08:15:11 GMT
x-content-type-options
nosniff
age
533977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 08:15:11 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 43B2 		730 B
383 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=280&slotname=3146450979&adk=597137813&adf=3932325209&pi=t.ma~as.3146450979&w=1170&fwrn=4&fwrnh=100&lmt=1704198888&rafmt=1&format=1170x280&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888315&bpp=19&bdt=897&idt=19&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=278&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d8eebfd90e3568dbb47b08fb67619f05bc6306eff7fd2e65e9920b34891cafe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
362
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700|Roboto:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:06:49 GMT
x-content-type-options
nosniff
age
588479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 17:06:49 GMT
fontawesome-webfont.woff2
cdn6.votarenquete.com.br/fonts/ 		65 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn6.votarenquete.com.br/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by
Host: cdn6.votarenquete.com.br
URL: https://cdn6.votarenquete.com.br/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn6.votarenquete.com.br/css/font-awesome.min.css
Origin
https://app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 09:26:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via
1.1 81f6e2ac3fa39dd60cef7bf9b26cb306.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
6232119
x-cache
Hit from cloudfront
last-modified
Tue, 26 Feb 2019 14:59:12 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lquRyBBXsrWLa30wt6iGvtYXFcNX2ANFiPoDPklku%2FeTedCpthxxgIX7b58M08P51uPELF7ePGzhIAAtXr18NYDYYzqLnK4gqParkYowUkWzFdTZMiTqmojRfKku95UsMD1o378%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
81a0b272196b07f9-IAD
x-amz-cf-id
moSjVkcEpOh0GvXozpdgADVvxBRjkXKKqPtDUCV_qFq0JDdMzvHKcg==
expires
Tue, 21 Nov 2023 09:26:09 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4511 		730 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=288130833&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888351&bpp=18&bdt=934&idt=18&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=1687&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1293b5fad35816536947c4cd7a6487642b4646783a0c8aa2ac6acb1522e769f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1575176703098264&correlator=1704768299793796&eid=31079957%2C31080078%2C31080122&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21757894217%2Cvotarenquete&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C970x90%7C468x60%7C320x50%7C728x90&fluid=height&ifi=4&didk=342360424&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704198888410&lmt=1704198888&adxs=1130&adys=1976&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=true&dlt=1704198887418&idt=334&adks=1592039126&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
721e552350ba1a85ec105f996266ced8140214913fcf3ab625de8987e911714b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17450
x-xss-protection
0
google-lineitem-id
5187012887
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138289594003
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2B7D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
expires
Wed, 01 Jan 2025 12:34:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F6B7 		730 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=3548294649&pi=t.ma~as.1184555942&w=850&lmt=1704198888&rafmt=11&format=850x212&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888436&bpp=9&bdt=1018&idt=9&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=3721&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=13
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
beed418c15d8ba53d4614855c0726610bffcb08c121dd3f1e94748e538255902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5D19 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce88d5f642b64bdbe3a09a2e13737547a729486da6ef009399f67c1cb4236504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
19817
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E705 		730 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=928&slotname=9391698467&adk=3839019563&adf=3537906732&pi=t.ma~as.9391698467&w=270&cr_col=1&cr_row=13&fwrn=2&lmt=1704198888&rafmt=9&format=270x928&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888500&bpp=3&bdt=1083&idt=3&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3779&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=4&fsb=1&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe72a7069b1925cfeca98dbd05d4a65798214f22bd79c83ab42f1551140cf1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
364
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/aline-wirley-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
7bc7f37f61c6e04925175ad3bae04e63dc87643550c96bced48b217cde40a99e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:44:28 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
255020
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 13:44:28 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s7WPKEwIAgfg%2FFsveQP8cjo3%2BOhYKkKHpYXb5siLX0VDFLVfbpHVsx0nBrR63u3u3kcrEDp%2BvUUfQs9uOXDvWN6u907oeVl38OnUFI65iZCyb3B2ThD%2BZxBQ522aWT3lpwEavs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dab7bcb9b80a89-IAD
x-amz-cf-id
80hftPbM5vB-6FPngRj8RhP-zKYcqpstUmQToO-Gg9DLt44G2VdCKA==
expires
Tue, 09 Jan 2024 13:44:28 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/amanda-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
8ff4a30392a3966fe5af95652920fef78fbceaa1f6a8c9f474c28af36de5cc08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7635791
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoW6su938hTMiwBkEsW7kK7kNwL1OIMX0XcbInFcCVKDwSCOrzKFMGl7iaCSzqjWuPWCUS151bWiX1MdXJjdfv5bzYMJR7XdMsCchlQIThn%2B5eO%2F1gYNKQ%2BWvn2FoDBXSqn7UAY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ec9bd585a-IAD
x-amz-cf-id
BEUfg4dELqK9mVYDXp6w9I5VT0WjiNF5crK8end-4ft4QK9wDSZLpQ==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruna-griphao-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
db5f08f71cb73a6d0b162b0e1e87d59d269e83b2ef414c2b1688ad7831340469
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 18:01:43 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
239585
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 18:01:43 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEa8qVRQrq0D7nkkDr3t%2FAvwY6UIkUietmbLJq13iOgyb%2BGWGw1ebYxq8Ry%2Bbb7njRshc5vPEbkCyzzv4ePDJOdj42wx3vIYhh5rEPg24P%2BUmRbAdo8HSOHhkIOYl9fA6sAM5oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dc309098a820a6-IAD
x-amz-cf-id
yDaE8YO01_Rk2ETOp9_YGbtWtV-vLpNzb6XwQTTCKk2bmIRRBfG8cw==
expires
Tue, 09 Jan 2024 18:01:43 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/bruno-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
3f0286b191e52b5e7af22af3a3056958fa411c8a7861ec57eb4d5c96d39314d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:31:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7635791
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:31:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTiPCkNYb5m8DD6XpBLWTLJ%2BMmm6ReXHxZG%2Bkd2u5juW1Gz%2BkkNMBQgCf8%2BQpmQsQJCT8ofFu0T4vpiiWUqYRyKpJto0qSGBLZEC6X78tAxjFe2g1%2FlJfOCYdFCfk%2BtAVMBDsf4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ad51ecbef81dc-IAD
x-amz-cf-id
qnfJqJTJnY21f2pMSiVOGFiqd2waF8_x1AgKl5VES9UVNM9qH7WD7w==
expires
Mon, 16 Oct 2023 03:31:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/antonio-cara-de-sapato-jr-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
24e9ed9eab09216ff15ca9714caf4c6334d318b0997bcac6e72c5029d1d93f43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 31 Dec 2023 02:30:10 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
209078
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 31 Dec 2023 02:30:10 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWmGciRPNmpgV%2Fh0zl9vfMGLuT8HEM727xeP5cGVrA6iLQpeYyFO7HgS7LHMVZ8QKkJWxdhEkldP8ffdQcqhty59dml18mZs%2FD1%2F5k2%2Bb8413pQ5PdB6ee4kEr%2B3PgCxX3bImko%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83df195cce9a3b11-IAD
x-amz-cf-id
JPRXC4HC9Oxc7sKeEEbh2PlOEZSZ9f3Kt3U_1wuttHq5y_84dAzZTg==
expires
Wed, 10 Jan 2024 02:30:10 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/tina-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
9dd5584140f2ec5ed5c5f39b20ba0800c742c6a60b621c97d972b4239fc6b1fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 08 Nov 2023 10:33:46 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
4759262
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Wed, 08 Nov 2023 10:33:46 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtuzqxXszgED408NsIf4TPlsEM0%2FZts8m2%2B%2B2Oavtua%2B6J41GCutXxJN5k8Aq4sFshSVAV%2Bh2DGookdeDHkiEqkWpI1Rjgf0PzVp6AlRGwqWYCjC%2FsM2L3FOYLby%2BpjuuD8Zfqc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
822d28e0cf64818b-IAD
x-amz-cf-id
iAwHYNDEYx7VvOkhslbHRM5psO0Jw5lmN3Zv4JDuIgcxp3_TjUp8Ow==
expires
Sat, 18 Nov 2023 10:33:46 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/sarah-aline-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
59ba03a159f5d0adaf5cc34aa67bd34884b8fab72a1e351b296fb2308f77de58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:44:29 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
255019
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 13:44:29 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSvS4XMzkz%2FxPObLyghHngXsEkkGO49nJPbfolxvVBtSovs28gGc2A64L56nrqm4Fa6RojxTx%2FkSzV7mcJYDlclImUQ7c8t0gHtmNZs2lEx%2FtTvPO6kWLM7I%2FtMQaQsidBPkKlA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dab7bc9e222417-IAD
x-amz-cf-id
UTBPAidxyTSxBi1mak_R3wG6wloH6DUL062D4rqMs0XPn0jFh2jCtg==
expires
Tue, 09 Jan 2024 13:44:29 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/ricardo-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
3de9f5231882b16bddccb492d140b88a3b7b2fd80d36c3f9d382b821779515c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 06:16:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
368291
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 06:16:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQFVYtwAm3BdtsEZeQd4R0IhFZ3fl9DFB%2BeA4Qa%2BHYhvsNN55WRJYc2YIxgUms19mHd%2BoIw0PR5MwPKBYfKCwsXlGLD7d1Z1c5%2BAkBKfEkhy%2FGpRtheRyj3ANk30HkxI61mj2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83cfea51b9512d26-IAD
x-amz-cf-id
mcPnUPuTPoc8i9wbmX_Vw3TEO381NhdKnAlpN_4vrG3WhwvpNlb6ww==
expires
Mon, 08 Jan 2024 06:16:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/paula-casa-de-vidro-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
347c1aa4c3fc3dfe7f611d1f237b919e6e500e0c5e582920d380d8d5b5787e4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 09:56:04 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2601524
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 03 Dec 2023 09:56:04 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FThiwEWlgWtcrOwnwXSYb6%2F81E5g3qZzMNSRfjpC%2FWJZrYOI0oJSCm7VR4uq9QS%2BDzKko7SbHANbu%2BkfYN%2BXz2Z0XEIcUbOsEb2scX8EKcU0rVwflQoGeC76OEFcqQYT2MQdB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
82faf00889642060-IAD
x-amz-cf-id
Yt6Ek7gVZzEW25bgVkKgkbiuKWoAOWpzaHJBqax2innwSMVfoEHsvw==
expires
Wed, 13 Dec 2023 09:56:04 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=400&h=600&q=1&src=image/participantes/mc-guime-bbb23.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
beecff1ab9cca2203c9e18df18f3146c174efdcc8ecebe6a5995a9a3039e973e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 05 Nov 2023 00:19:48 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
5055300
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 05 Nov 2023 00:19:48 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PB8SH22vD0wPBt8XjBOShtucHk70unP83bak%2FHPLaXVwZQaBq4KbKcqzFSbppmK09pZiREDJTYT494wKZcVuhzQ300TB79hfWZGIGzSLQmFazm8d9pYl%2Bhs85cYluWrwKj%2Bj75k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8210ed64ace8819f-IAD
x-amz-cf-id
44jWV70uNI839diKcGzxL5PX1WEyExd5i5v5OMG39wmqlEMa_cLovQ==
expires
Wed, 15 Nov 2023 00:19:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A6FB 		730 B
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=212&slotname=1184555942&adk=2187097866&adf=316346021&pi=t.ma~as.1184555942&w=850&lmt=1704198888&rafmt=11&format=850x212&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888463&bpp=9&bdt=1045&idt=10&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212%2C300x250%2C270x928&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=215&ady=4582&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=5&fsb=1&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5186a7465255e973dc0cc06762cfc741d0a75d12a9f570fa04a147289cfd5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
363
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:48 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2605
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
83f309ce0db24bd5-BUF
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 05 Jan 2024 12:34:48 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93dbf285b7283b07c10f9deea83270dab1b12efe52d3d155dd921e5780dda3f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29199
x-xss-protection
0
server
cafe
etag
857 / 19724 / m202312060101 / config-hash: 12947993814115561758
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:48 GMT
pbjs-min.js
tags.premiumads.com.br/scripts/ 		394 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:48 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
417788
x-powered-by
ASP.NET
request-context
appId=cid-v1:7814785e-b65d-4def-8f8d-ccf729ea4107
last-modified
Thu, 30 Nov 2023 13:32:58 GMT
server
cloudflare
etag
W/"1da2391bb43c69d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxxml%2BUb2%2BnjlN%2FZwZXwtqwQpBZYR0TlLf6%2BKhN%2BIrIzE%2BVW2Xm5hXmSiPXN3tdae6meuh30%2F6I9Yblj6LkudOnmjqYGaCbgsACBA6UhWghUM5vJ9lALhuBhWMDABkDgnabrY6BDIB5GTYG%2FrCKnnvDByys%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
83f309ce19514bd2-BUF
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b07bffbf21142fa51120eb03293d0d27d8e76099c8f55bb23d951ceca89bc31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56000
x-xss-protection
0
server
cafe
etag
5801105394885294221
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:48 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/alicia-x-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
e15550e747885311c9effdb1722fbfae193d29eba419ec65122678c4add2f3ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:58:59 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
318949
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 19:58:59 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqVEerEYAmtgtbVncUfQPBgKHNQPfIaZKM6DCxSrz4kBlh4KCI1KlYRSjdz3s%2BBmjOEZhufwxZh9b5fGYh%2BCeRpVdY4dMqWIHnYnqPydLg8FVrJ8bJWvargKoxUN29CGVOK%2BD%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83d49ef66a0657a2-IAD
x-amz-cf-id
ZP6zuObff7C4Lu1Uwr_D4Wdd0uY1bVVCl67nEFK1uOXX9oEioGll4Q==
expires
Mon, 08 Jan 2024 19:58:59 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/andre-goncalves-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
40572fd0ffc5ae5e4b0c0a7d8d048532e7c149cc9511b78503965e795bed1f25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:17:57 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2539011
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 04 Dec 2023 03:17:57 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbGH5gDGiagJMpY0FjKz2bLEIbMG6TSIZFG1rhtm7adLbOD68eyN14bjlQp14IrQexiTPvBzsnVDCJ5h%2B7WahfpnktJU1yyar%2FZ73iwGSuBVO9EIDWNIC0IhEEK8CFvKcWsjkJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8300e637edf10778-IAD
x-amz-cf-id
se8wqDNnCF1aiGnxlusTHhviZhgMXZoQRDOm7TvW7f1zqbC1_RwjQQ==
expires
Thu, 14 Dec 2023 03:17:57 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/cariucha-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
6d9778bc3f894f02e1907f4e2c4caae7f442521ccb76376958ea06ca7d3472af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 18:55:52 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1186736
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 18:55:52 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPe4V4R3uLKYh5SPT%2FC78VjcIvaCODvnks1AmvGrr7tVwHtT%2FD%2F%2BJdvRmeCWY9uyITk8zdf0oL%2FOUPNWcPWBtJ361HA%2FgQiBlz43R%2BCcA11gpbpa5RJQbCveggwKNc00rErokbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8381dcc2db2f07c5-IAD
x-amz-cf-id
ls62JT-2tvqF64ASD1_sc-zbVGrLzOfkaf9XLnnKeUfROqVTMvoD7Q==
expires
Fri, 29 Dec 2023 18:55:52 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/cezar-black-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
d1384ae51e633ed5d189f6ef2383a0d23540c897cd21566cb70155ae8fb1e478
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:17 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7636651
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:17:17 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XquNOBPtXb0AlnDRYa1R%2FA4wTaT4Gxa3rqU0AgImneA3exs0I8d2%2FXjFS3%2BpmTxnizinqu1%2BTYkdMBEkJzsmL0VUPVDOhzjYunguuzRKzQOtLZLWZ%2BGJGDJyOx1%2F%2F4f3BRA1tnA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ac0218e113975-IAD
x-amz-cf-id
2WVQezeStr7U6z2lkY5QtDxmZUAvHNqAoRt6tshKyHG7onRHkyU_dg==
expires
Mon, 16 Oct 2023 03:17:17 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/darlan-cunha-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
3c31f594d2c133ec20aef3e2def5e3ab3f136c84d536972fe074040a3873933b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:58:59 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
318949
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 19:58:59 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGKwUZaohLBXlSKnPYxNNFDzVqF%2Bn5O65pcfSIWYEF4tVV3ysYWM3NNdzzYyeaSpjVNIkKc%2FEk2vifmK9sv09UZuDuJS56VNsKlW8ITE0mL94vwCS4uBfOK%2BdCCHNy%2B9uIbqoaM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83d49ef61c883b12-IAD
x-amz-cf-id
NGuDyZ95HeFN36gBeXAvA8Lkf9ubsS1FE10V4VTb38uySyDcDQLGAw==
expires
Mon, 08 Jan 2024 19:58:59 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/henrique-martins-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
a5c2728e77ced2a8d93431b63c328adfd0900eb8364c82552870de9da43a2233
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:58:59 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
318949
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 19:58:59 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q7o5vQexrUEYuy%2BF1ODzegcGSqXfUW60cLvKXj8%2FcxL6aV4l7g030CZBcNQxPDELQkSO7l2VGvmhF131QiWdSxMEeO%2FQ1nOVB80Cw%2B6J0VBpuWP8DDxl1eWqr653g7lNo45IHHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83d49ef63cab1fd6-IAD
x-amz-cf-id
0ivlgKALmv_eHRDTB9Y2nWnjEzIt1xEcgxWtgY4PE2GijEJ2QY2-_g==
expires
Mon, 08 Jan 2024 19:58:59 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/jaquelline-grohalski-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
d514665695568bb918c9c1265aa93e2542c9d3090ac1480dfee8468d2a2f8e68
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:17:57 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2539011
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 04 Dec 2023 03:17:57 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgimkHCkOLu0LQeT7rAgi9p5GMBpkBVYjN5EyLv5tYGpYS%2FBLz%2Bnw9%2FxrXNw1mwCyHVvegYAdYXeVq5peJ%2FCdRvX7N%2Bid2TMqC9pzWVAKl3C0Rsk1ZWAteskdD8zsSxEDyZFYGc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8300e6380d6f3908-IAD
x-amz-cf-id
-26P1ZwuploZbehej3iLiOc9txTVbZi6xwx20E0c0e_M8dAKItAk8A==
expires
Thu, 14 Dec 2023 03:17:57 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/jenny-miranda-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
ec35218519989e415ada36f932815d10628420e6d7c0bf2ac06d0e29ff980cab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:58:59 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
318949
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 29 Dec 2023 19:58:59 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlMMnqyB6MG%2FNv%2FvAKU%2BlZWy4oF%2BnYmjenf2tqZmM4prrnZPRMcxfLomnljj4eC1ykEcA%2BYumqgL0fuhi91IXX9%2BFA%2BK%2F6sj6aCP3OyjpFqdUG%2B85UYXu1PV0rc1COc5qnFMFFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83d49ef65c2472ed-IAD
x-amz-cf-id
tRj7dQGRnI7tae5Uy9X_wvodZjqVbaVtkE7qrj8flbx4hyka_qvpbg==
expires
Mon, 08 Jan 2024 19:58:59 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/kally-fonseca-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
601b37db618f94ca70bd1d16390d3fea996fe6c956bee4a2a93d817dfc255cbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 18:01:45 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
239583
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 18:01:45 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVsV7ezucTczJGMha4TwvXbeDlCuPsOuBPdnMcEERfHLEM1T4jFuV17KmlsVTEBbP6l7FpF6nfKcp4mr%2BKzwwD6Wjf%2Bdpn42S4ei68CsgiaEhbk0dq2SvyboYGg8tiA8lCWhPO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dc309d8da5062f-IAD
x-amz-cf-id
plDxqE5gEej9YqSDgrgKKUTQkrame5nnj-GW-7HVButIFTJI7OFYMQ==
expires
Tue, 09 Jan 2024 18:01:45 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/kamila-simioni-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
d2b62eac63a8beed205970c42627ef3fda865187eb074a15a22f9591bbc94b6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 03:38:17 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2019391
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sun, 10 Dec 2023 03:38:17 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLup%2FFx2RQXcQZj%2B%2BKlQbf3sxwjDC0ibAKhau9vsSkLxW8ejoHLrX%2FOneDWaN%2F%2BoTe1wI99aArVOCksQLBiu3%2FZSON9VnHhzN84RcnX2%2Bne6tYAtbJb8xIzp1DtqWNNjdsrXRjA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
833274425df29c34-IAD
x-amz-cf-id
SwebU4Hn0DohRwbIjQtq3ZKOH336ruTPheKXbNXDT_jf6AfFLXKLeg==
expires
Wed, 20 Dec 2023 03:38:17 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/lily-nobre-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
a36c24ae7ba241bba601ac4e528f763966998f5b13e533f3288e5ef1272cdb43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 03:31:32 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1674196
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 14 Dec 2023 03:31:32 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDAfK41MQjeUH5J2xhL8nu1QYFKiRLOPvCwKl4fP8gzBWxPcYGc15a9nnN7gfBqszBpYwtO%2BxmqFYLKyXhz2YvAKl4zLBpXayfcRafmQ5InSxlf6qNqQQpA0TE576RTUmNrqeTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83535fdf8a5c07d9-IAD
x-amz-cf-id
BiVt9DJDVPTHQQKvAMi-sTFiC3pAG5jum7GuLkfl41z92szNCmtFCw==
expires
Sun, 24 Dec 2023 03:31:32 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/lucas-souza-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
087ac2cab95b209141be74e4b3a5adb057c721d2f2e77a4bbf0ad60a57d3ebb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 10:42:28 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
697940
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 25 Dec 2023 10:42:28 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvGkB0gxpi1iwO%2BaxGfieEdSpV6hXxnnOnapIG1eOiseA2SeBERWGfECNu1O4B1PVa18VRDniKeEzS%2BCJJCvtjXyLXvkrSFlUq3YaWcXEaGayghCHXpJt%2FkBLtgIOIG5MIK6Jyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83b07a3c8b402432-IAD
x-amz-cf-id
IGq9Jz5LXDXuYiI8HK51RRaeT4KZOPOL7Z9N60jpZQ7Q8GRjqnLEAw==
expires
Thu, 04 Jan 2024 10:42:28 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/marcia-fu-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
9254ffe1310ecb839ed25a69e4cc751bd8e1ab74a964b4c91d67cf3964eae29b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 00:21:50 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
4623178
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 10 Nov 2023 00:21:50 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHqGWIGQqi%2FF%2Fi2q41LplIzMJ1RPzKOkR7D5A5eCyswpmB1zsqXYKp7OmOcLCwc5qPjrEZMhr01GSGteK2alcmvO8kqTGexlJMSKSvuGeeIIZa0w5z5FG1hwXd7peikfgwSYBog%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
823a233cea0907b5-IAD
x-amz-cf-id
s5oD5H-hpJLtdCq83g0k9bHmjXbFEqMmJ_q6LNo-geh4guShF-qKqg==
expires
Mon, 20 Nov 2023 00:21:50 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/nadja-pessoa-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
576868c925dedc43d47345bd0b908e1668e1c041a612cdbeecaf0d88d7a9c439
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 11:32:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
435731
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 28 Dec 2023 11:32:37 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9AAK2nH1qzl6sFdKkD21LZOVmAedhejqFz8O5y%2FMZyVBuEDQV%2FgYyMzBqMPa1cWm3Exb2YLOTLRE5JICRBipICklN1WvMKtClVdUo4qKXRZUHDLguZpwiA1JzCWNHhOikA4JFn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83c97bd66d372f1e-IAD
x-amz-cf-id
LTD2STcoGRQEuq632F_3ExmBh-fUeFIlvqZlblslrrLLvkJ9_l85mA==
expires
Sun, 07 Jan 2024 11:32:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/nathalia-valente-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
0c2bdea3699a8538b5e8cfa72687e278626ac46810f37efd8ee2ad9094fd7beb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 06:53:07 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1230101
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 06:53:07 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUVcj%2B8abDEJGeDHMX8GMUvl%2FuNKgAvff1ietS6or9mqDB0yvkxFlZWzuF2%2BD6KPJdXwkxXKrCHLsDNEzr4e7IetNVd%2Fx5lQKCWU8f4uDfHUvzDlNRAyF6AI7RPwfiElja9AX7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
837dba06a8413b95-IAD
x-amz-cf-id
GRmKX-oqKQHElIv8zpxdk6XBcmK9FfaOxY9zKMeCSFc53jN4m6BXyw==
expires
Fri, 29 Dec 2023 06:53:07 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/rachel-sheherazade-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
25fdb817b24a548c69cd32f1420fb6a4e20a0aaf760b88c9a3179023a7432396
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 13:44:36 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
255012
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Sat, 30 Dec 2023 13:44:36 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRfYgtU05b28p34YM2MD2kb2iXcldNxRYe58suHQGuC7ns2XMR8%2Bk22xDtnsi7E8Yz0HCzEBaF6Et6u1w%2B80iA4j0XNAykyAGmMUFTPsjXNpJcCpDZ4aoKZIeACqAytEGD6eZ%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83dab7eb39863920-IAD
x-amz-cf-id
tjnXPiHpDoBHY7u1-XYB3RNb6GizF-3vkIsYpbzEwEHcKLT9S92gdg==
expires
Tue, 09 Jan 2024 13:44:36 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/radames-martins-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
078fb63c950a96d87ef24f2e116dea03aca44344d7fd55a34d649086564c684a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 21:13:34 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
660074
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 25 Dec 2023 21:13:34 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zHzVyutmuFzRuxSW2Gutx3hl4Fn3F7uPm66EQRwek6oHsKFAkIA8zj8mLTpg5UXGJ3UM1cF4nt10zs7Nq4wLDPwi7WvI46BDiI3NylKJYkP6FIMItI4kOhVci540qTpllv1aBno%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83b416b8ceed8005-IAD
x-amz-cf-id
c0Acp99mg1bjxlHtpU6QZ8Xhnu1s48_roPYODB4QKzm-5IhdqhpQug==
expires
Thu, 04 Jan 2024 21:13:34 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/sander-mecca-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
c6dbee1e15950de3f157c5074a3696c09914c4b31a7db5d5b8be692a17171046
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 01:31:52 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
1249376
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Tue, 19 Dec 2023 01:31:52 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqVh4ZEmLWgotcV2ilW3vwhmjeZtQZ1cyFsajONkbXOYVe9D4yUlSf0JOm0Scxq4u25Kt%2BHKrSby4IXT9x2cckwGM4qGeDOeATT00ostlTmYVow2scQZy2TqWp78y0AtoBEJaTg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
837be375b8232051-IAD
x-amz-cf-id
vSn9_XdIj9w1N4Os_mKZk4F7nSXGNr3_tmrQaStWN0KhRxw5L0mC3g==
expires
Fri, 29 Dec 2023 01:31:52 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/shayan-paiol-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
c05e5b8993e3f1de70c94fb5864edd970728bc72422dd29878287881e1bf529d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 11:32:37 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
435731
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Thu, 28 Dec 2023 11:32:37 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNUp0HSdAkeF2EADELmcUg7PVfu82MlG0gUeb%2Fiy9PaoMTinGqEcWQg8Ur863B9js1xzk6vEbmdEW7S1yXC1p4nKgs3K1eOWryZEFDEvgmwKsBGuyGDEY%2BA8qklwP%2Bs97qeiuKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83c97bd7fbc82f18-IAD
x-amz-cf-id
HNoYQh8NsCiYFYaNNKuWereFXL4xgNJpRvSB8QbIcDEiLhyOVWWW9A==
expires
Sun, 07 Jan 2024 11:32:37 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/tonzao-chagas-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
2fda69f83698c870c477234b9495b934eae216985e3bf1568bcd689a7374d8f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 03:17:39 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
7636629
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 06 Oct 2023 03:17:39 GMT
server
cloudflare
cf-railgun
direct (starting new WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRTuxnp0QYJ4%2BbIQhZaXG25V%2Fl%2FIMaSyo3hzH%2BScDekwcN0hFaxOC6NrF0E5GgNjcwbipQKMN2nGwonGaDXjSBE6QATVjobIO7cJM%2BNEku%2BusLinxRKr1SCFkf%2B4v7zIAx1zVX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
811ac0a9c9042d0c-IAD
x-amz-cf-id
plUvj7stysYxofU_xwC-MvxhF5Mbc3RoeZtoYzBVL5SK2prHNHLnZg==
expires
Mon, 16 Oct 2023 03:17:39 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/wl-guimaraes-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
e19c6f2ae2b4e3b5caf5a583f94d4eb9e95505c75be11fc528639c6e108f607d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 03:17:57 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
2539011
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Mon, 04 Dec 2023 03:17:57 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CT2JpG3G0fB6tc3Bytm8LI0zmi3j2Vu8kBIWOJt02ss%2FiZbg1jmZOPsizFBtwGPenq0Z5eKW7wnlt1LWmvW%2FuO2pdtWv7WPv6CMwFkDIjvS%2BgjEz5tSDSDmKUI%2FTLnom%2BImuFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
8300e6381a63829f-IAD
x-amz-cf-id
6dTeUP-2aOnyfAYgbSN9MuV_jqs0gkGiJYX-dIBP9mPxbB7QL37-gQ==
expires
Thu, 14 Dec 2023 03:17:57 GMT
image_resize.php
cdn6.votarenquete.com.br/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn6.votarenquete.com.br/image_resize.php?w=300&h=343&src=image/participantes/yuri-meirelles-a-fazenda-15-P.jpg
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-125.jfk52.r.cloudfront.net
Software
cloudflare /
Resource Hash
bdfb63a8bc54a1f786116dd76df21fed408dff0ab65577958009741f9762680d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 03:39:19 GMT
via
1.1 e4063174e49a72dbf23ed047ff7d7c56.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK52-P4
age
982529
x-cache
Hit from cloudfront
x-ua-compatible
IE=edge
last-modified
Fri, 22 Dec 2023 03:39:19 GMT
server
cloudflare
cf-railgun
direct (waiting for pending WAN connection)
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5jgUrvFg0L9wcFgXyP%2BfOtT08QKwbHNHXCWE%2Fq1XQGBrWvqUgeRHTst6%2BhZ%2Br0Qe1hZcFPx%2B%2BhqNmFLGzzTnmFvE2gNUNVKLIPQ2fgnbcNn%2BSAIyiHbjuUna5q%2FsKDOJ2mGW6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=864000, must-revalidate
accept-ranges
none
cf-ray
83955648e9bd9c16-IAD
x-amz-cf-id
rGnQ9tvWCsohHjn4XUG2T1D0FadYJIn8yNQH1W5C5hKRBFAk9Vp8bQ==
expires
Mon, 01 Jan 2024 03:39:19 GMT
web
onesignal.com/api/v1/sync/189f3c55-1eac-49d0-ae7e-39bc97956f60/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/189f3c55-1eac-49d0-ae7e-39bc97956f60/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cabf13da10ee8f91fe37f5c6b797154b1fce56930c0f1c54ae937e532bedfcc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
2a5e52a7-c621-4037-a533-d6c1d897e24a
x-runtime
0.033118
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"0cabf13da10ee8f91fe37f5c6b797154"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
83f309cece334bd5-BUF
access-control-allow-headers
SDK-Version
expires
Tue, 02 Jan 2024 13:34:48 GMT
/
id.navegg.com/uid/ 		16 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.navegg.com/uid/
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:206e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
vary
Accept
allow
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
x-frame-options
DENY
cf-ray
83f309cfa9204bcf-BUF
access-control-allow-headers
*
content-length
16
access-control-allow-method
GET
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=19344569832&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
date
Tue, 02 Jan 2024 12:34:48 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		138 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c15c644e95e73e6b1c0c0667b63a050757787b98b045ce2fff32a478d2dc8668
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
an-x-request-uuid
3a9f7722-95bd-4fd9-a753-785f21f15465
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUM45834
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d8ed801e6587da5e413812342f568fcf71bcc51a3d4259cdfcc5f0243e60edaa

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
20
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 12:34:48 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		459 B
1013 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=96324&zone_id=2050442&size_id=2&alt_size_ids=55&rp_schain=1.0,1!premiumads.com.br,c5f23a3b-3ee9-44b5-8574-4c24c1580399,1,,,&rf=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&kw=bbb23%2Cbbb23%2Cbig23%2Cbbb2023%2Cbbb2023%2Cgshowbbb%2Cbbb23votar%2Cenquetebbb23%2Cenquetebbb23big2023%2Cbig23%2Cbbb2023%2Cbbb22%2Cbbb22%2Cbig22%2Cbbb2022%2Cbbb2022%2Cgshowbbb%2Cbbb22votar%2Cenquetebbb22%2Cenquetebbb22big2022%2Cbig22%2Cbbb2022%2Cbbb21%2Cbbb21%2Cbig21%2Cbbb2021%2Cbbb2021%2Cbig2021%2Cbig21%2Cbbb2021%2Cbbb%2Cenquete%2Cbbb18%2Cbigbrotherbrasil%2Ccasavigiada%2Cvotarbbb%2Cvoto%2Cvotar%2Cenquetebbb%2Cbbb18%2Cbig18%2Cbbb2018%2Cbbb2018%2Cbig2018%2Cvotarbbb%2Cenquetebbb%2Cenquetebb%2Cpared%C3%A3o%2Cvote%2Cbig18%2Cbbb2018%2Cfazenda%2Cafazenda%2Cafazenda15%2Cro%C3%A7a%2Crecord%2Cr7%2Cvotarfazenda%2Cvota%C3%A7%C3%A3obbb%2Cenquetebbb%2Cparcialbbb%2C&tg_i.domain=app.bigonline.top.enquetebbb.com.br&tg_i.page=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&tg_i.pbadslot=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&tk_flint=pbjs_lite_v7.54.5&x_source.tid=fe7d47c0-44be-449f-967e-5b6c20fdba39&l_pb_bid_id=855cb2977f3b5b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fe7d47c0-44be-449f-967e-5b6c20fdba39&rp_hard_floor=0.0618&rp_maxbids=1&p_gpid=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&slots=1&rand=0.03743311776602809
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c39e3f1752a220942b9d0ccb6d316902a403977aa43b421a283e9b362fcd9015

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
459
expires
Wed, 17 Sep 1975 21:32:10 GMT
3946375
bs.yandex.ru/prebid/ 		0
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3946375?imp-id=1&target-ref=app.bigonline.top.enquetebbb.com.br&ssp-id=10500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
last-modified
Tue, 02 Jan 2024 12:34:49 GMT
x-yandex-req-id
1704198889215926-138606760183503809900270-production-app-host-sas-pcode-91
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 02 Jan 2024 12:34:49 GMT
auction
tlx.3lift.com/header/ 		19 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.5&referrer=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.203.80.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-80-35.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704198887443&gcd=11l1l1l1l1&dma=0&cid=1513113727.1704198888&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&sid=1704198887&sct=1&seg=0&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&_s=2&tfd=2067
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 5D19 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
br
last-modified
Tue, 12 Dec 2023 23:02:54 GMT
vary
Accept-Encoding
x-azure-ref
20240102T123449Z-zrudqtpk490qv53madbzemm1hw00000008dg0000000050sa
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f08b67f0-501e-0056-7a55-37f381000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame 5D19 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Tue, 02 Jan 2024 12:34:48 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
4141668
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-yyz4552-YYZ
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1704198889.964662,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
34, 1525319
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5D19 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5D19 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
83683
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:05 GMT
l
www.google.com/ads/measurement/ Frame 5D19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTM5XARRo-9zMIDYVUGgoEfGHdomlEvxzeVhw44g7PCX9G71JTDCChSM3sgCgJ9TeQSpXVXkRsRwN08Z3tRkqeNCmx-XQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5D19 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:49 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 15CB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
83676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 13:20:12 GMT
etag
5585625838579639069
expires
Mon, 15 Jan 2024 13:20:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6C94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsviUc3Te3OExFVUnIUz3fCcueVMDhYFqPDKZAlnXNsJ3FinHmrjURRhYeiAVkcgGH4xYSQcIJAqS-99_jBBbs_uY9xBi5af2FlCwCOhRLbNIbEX-wH3rHGvfDCUoYdufTishOmdWxmuqPuCFJ4SSS-te-DjgTyi_vkAU9jZkI5OSbd2Yn7J-loVrGPGG_14fdEwluf10v7FRnBZLVXoEaA0uOuToKgUaeBWGGrootd8jFtJnXBvKhfyOYMVxJFM4yIPh5sUGxby9cf-9cTAa02wLqCTp5gL3zdaMTOIsF8yMBfOYU0ErFXerjBR-Qe-c6A7384aPnIiVrK8Qft2oQ-ADS7yPJsQfoOlBlbnccm9UyWcrkZLIw90m1Kq7o96Eu0uz3PnE_QrYwlFjQ&sai=AMfl-YRBUhc1_psUGwHJZutPqe847AEPWdwR7iP--LWvwWpv-a9J1vvQ5Sea6BC6oM9AOarsjxnZF_ornbGsJKvpEK7iK1Xj6wsCSo4S_iIpuhVh6OZRFJF6VnjUI-8Dj1Q&sig=Cg0ArKJSzKEQxYKnt1ctEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6C94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83681
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:07 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C94 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:49 GMT
9943038872064304095
tpc.googlesyndication.com/simgad/ Frame 6C94 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9943038872064304095
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a21411487148e31e36c76e37a0b5da80e03d0f175d9180f6de7aa089622e3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 02 Jan 2024 12:34:49 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23786
x-xss-protection
0
last-modified
Mon, 30 Sep 2019 23:27:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 01 Jan 2025 12:34:49 GMT
truncated
/ Frame 6C94 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2305848886c4142114686cb0bfbe23da48f99d0bc0ec95baadff633bef2236e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704198887443&gcd=11l1l1l1l1&dma=0&cid=1513113727.1704198888&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=kAAI&sid=1704198887&sct=1&seg=0&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&_s=3&tfd=2208
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 15CB 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:31:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:34:49 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 15CB 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 05:13:33 GMT
x-content-type-options
nosniff
age
26476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 01 Jan 2025 05:13:33 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 15CB 		604 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 23:38:04 GMT
x-content-type-options
nosniff
age
219405
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 29 Dec 2024 23:38:04 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 15CB 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 01:54:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
38409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 16 Jan 2024 01:54:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 15CB 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
58487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 20:20:02 GMT
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame DEF3 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
418980
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 27 Mar 2024 16:11:49 GMT
aaaa0c68f83bc91a42091e4a37f3fa3d.js
www.gstatic.com/mysidia/ Frame DEF3 		174 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/aaaa0c68f83bc91a42091e4a37f3fa3d.js?tag=gpa/dynamic_fig_web_banner_v2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2631b82949f1c3cc9755701e6261c8ff97c9982c3db6ff98b7c69b31d3fbeed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 06:21:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
540785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64899
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Mar 2024 06:21:44 GMT
css
fonts.googleapis.com/ Frame DEF3 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 12:07:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 12:34:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DEF3 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DEF3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DEF3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DEF3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
83684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:05 GMT
l
www.google.com/ads/measurement/ Frame DEF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs3-KDIXQ71m8h7lXpoc6E5xCDskuI09RtuDGmkTH4-qPQ3BbjYsCj0v9Gspc1eSQ6ppb_12UnUKCKSAV53oy_ox7lnA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DEF3 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:49 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame DEF3 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 17:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Mar 2024 17:57:32 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6C94 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZ15bq0bDrh32sCpOHnONDdzbuZx5Qhwr5YtxfmliPd2JtLxfpKbwdPGRDn79pVQAqHEctRdOM2tU6CSnotKUr6lAMEurqwx4bXQIXZV50U4JOVuqpOvHpHGIYH0fdxqw1kl6Udbi75R6AGOkXdLrKekIUVE1xbWgDdOKxC6B6okKE82cosTlh4IL2_gJOnmpVxsGBbv5WaFWRm_0yeITVgBTJksdIQ1kRaoDnBoLyWciz_Boxbf5LEXv7-tJi279d8hGknQX41TEq8EohBGtGaCLF9Lj9b-SI3Sgq1Ba7OOWklwcD5Yl7HqAXWfa3MXWL-bZ0pcViJ-OTX6JayZjOSUphyyteE9J0aUtH4mTQMCbTykFvxePTlFazEYoGgs-Jy2S5dFkJluHdL0IA&sai=AMfl-YSncZ0vnwwCUeKzGPwof4e-HL--N-ZcZtHMmpWWA81_fgjEO1xhmUeeHMOrbxqHlp_EPe21uUpCIjanz6vPBDE_LYbsGqKJ5vQuUNnEwZ2ellsRa_ZmrRvwG5y2Yrk&sig=Cg0ArKJSzPmZ90oDQORgEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 02 Jan 2024 12:34:49 GMT
c.gif
www.bing.com/aes/ Frame 5D19
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=6b388cb9-bf4f-4aff-bc73-8db863722e27&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=dee33090-28e5-4467...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=66a55798833b418da916b2c0250a20fc&SNR=1&GV=2&med=10
0
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=66a55798833b418da916b2c0250a20fc&SNR=1&GV=2&med=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DE38F2D50C344D49AA57E5306A4ADD1E Ref B: NYCEDGE1409 Ref C: 2024-01-02T12:34:49Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 02 Jan 2024 12:34:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E69F25EB1DE64E2391EC1AAA2E7CBA93 Ref B: NYCEDGE1409 Ref C: 2024-01-02T12:34:49Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=66a55798833b418da916b2c0250a20fc&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
154
expires
0
th
www.bing.com/ Frame 5D19 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7146998010137_1RB5Y5SIYK0529H98Y&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
242ef1ffde7693000de5d0b4778c2797aefff3a2253c5bd5724dc84e54cf3de4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:48 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9E295DD874AE498497A50617E68A17C4 Ref B: NYCEDGE1409 Ref C: 2024-01-02T12:34:49Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_HIT
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
18352
csi
csi.gstatic.com/ Frame DEF3 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lqwc0mqx&c=5778494361435&slotId=2889247180717.5&qqid=CIHc6MrbvoMDFZgqaAgdHUYFhQ&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/aaaa0c68f83bc91a42091e4a37f3fa3d.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c06::5e Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hq1.jpg
i1.ytimg.com/vi/hPuvjr9trTg/ Frame DEF3 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ytimg.com/vi/hPuvjr9trTg/hq1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ec435ae17cbe202d302b02444eef33f7650b521bd1db7ef5928377de1e8c9a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 11:31:51 GMT
x-content-type-options
nosniff
age
3778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19955
x-xss-protection
0
server
sffe
etag
"1695794807"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 02 Jan 2024 13:31:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame ABA7 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
69488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 17:16:41 GMT
etag
48472445140208031
expires
Tue, 02 Jan 2024 17:16:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rd_log
nym1-ib.adnxs.com/ Frame 5D19 		0
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br&e=wqT_3QKDBOgDAgAAAwDWAAUBCOiF0KwGEMWCj-WSq577OBgAKjYJLZT4l1M4kT8RnkL0mDzJkD8ZAAAAIIXr8T8hng0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4kugCgAEBigEDVVNEkgUG8N6YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCK2h0dHBzOi8vYXBwLmJpZ29ubGluZS50b3AuZW5xdWV0ZWJiYi5jb20uYnKAAwCIAwGQAwCYAwmgAwGqAwDAA9gEyAMA2APz08IB4AMA6AMA-AMDgAQAkgQEL3VhcJgEAKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFlqnbjp_VsJ4JwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AWPvSP6BQQIABAAkAYAmAYAuAYAwQYBITQAAPA_0AbCjQTaBhYKEAkSGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeS6ALSBw0JESgBJgjaBwYBXqgYAOAHAOoHAggA8AeNhYcDiggCEACVCAAAgD-YCAHACPAG0ggGCAAQABgA&s=47edcd5358d9f4d8f4755cefd7501ba5f05edb11&bdref=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F,https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-6330018069195839%26output%3Dhtml%26h%3D250%26slotname%3D2120920013%26adk%3D2552748265%26adf%3D685434138%26pi%3Dt.ma~as.2120920013%26w%3D300%26lmt%3D1704198888%26format%3D300x250%26url%3Dhttps%253A%252F%252Fapp.bigonline.top.enquetebbb.com.br%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1704198888483%26bpp%3D6%26bdt%3D1065%26idt%3D6%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1170x280%252C300x250%252C850x212%26nras%3D1%26correlator%3D1382143617713%26frm%3D20%26pv%3D1%26ga_vid%3D1513113727.1704198888%26ga_sid%3D1704198888%26ga_hid%3D826802263%26ga_fc%3D1%26u_tz%3D-600%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1115%26ady%3D3423%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44795922%252C95320884%26oid%3D2%26pvsid%3D1575176703098264%26tmod%3D1392576887%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CleEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D7%26uci%3Da!7%26btvi%3D3%26fsb%3D1%26dtd%3D11&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
an-x-request-uuid
6c934521-5169-4be6-8d1d-f7e6327de476
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
videoplayback
rr4---sn-ab5l6nr6.googlevideo.com/ Frame DEF3 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-ab5l6nr6.googlevideo.com/videoplayback?expire=1704227688&ei=6AKUZZbWGfuLkucP3NypoA8&ip=2602:ffc8:2:104::6&id=84fbaf8ebf6dad38&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=aI&mm=31&mn=sn-ab5l6nr6&ms=au&mv=u&mvi=4&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=65.433&lmt=1695794779553904&mt=1704198171&cpn=h_gYG2kGJ14cx-d0&txp=4438434&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRQIgJ5PtCcBWUAmsqp9m_SkqJKLoJRPJHDDYqRlPX-Vx9EACIQDzIL_8ErHNWz1ECfYMEHtdmdpGrvmu6I51nFs2M-z27g==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRgIhAKymYbjMra2VeAtC07LVRdCpWdc4QXYRuOrTWVHETSTOAiEAlbnfuIX6QR_Kd_RGE5sHxW6GTS9TnvWuOMaCa-_EbCA=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:8::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
93d4bddeb674e69bbc1b49fe44bab60d195b4a11c19da58156ea025090789e19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 02 Jan 2024 12:34:49 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Sep 2023 06:06:19 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2918556/2918557
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
2918557
Expires
Tue, 02 Jan 2024 12:34:49 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		389 B
172 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1575176703098264&correlator=1704768299793796&eid=31079957%2C31080078%2C31080122&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=75894840%3A21757894217%2CENQUETE_BBB_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=11&didk=3492932515&sfv=1-0-40&fsbs=1&sc=1&cookie=ID%3Db1ae3e7c33ee6f2a%3AT%3D1704198888%3ART%3D1704198888%3AS%3DALNI_MZ4Zx-_vf2ab8gc3VJPxZltxHUOug&gpic=UID%3D00000a05d90615a5%3AT%3D1704198888%3ART%3D1704198888%3AS%3DALNI_MZ-swE3fPB8RSowax9wgz9k-Fvaow&abxe=1&dt=1704198889374&lmt=1704198889&adxs=315&adys=1245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&vis=1&psz=1000x-1&msz=1000x-1&fws=516&ohw=1600&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=true&dlt=1704198887418&idt=334&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_loop%3D00%26pp_pb%3D0.30&cust_params=url%3Denquetebbb.com.br%26categoria%3Dhome&adks=2440819915&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17188ee3f162f6cd4b674ca31c0d0ad1cec633dd72cb896f91daa2220fc8e829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame ABA7 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHcWn5_wzW4c9YEhnjQV20k&google_cver=1&google_push=AXcoOmTQO6WKRTU-ECtMHt3C8izLZqA_ex_92d-Uv3m2uWfllE9kDbM0DNRDPrYFGq6KmJIsD-KlS9MXFE73DRMCEW3RVk-FLGNaqypy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ABA7
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEKXVi9VGxZIxFpgaRw2Q94A&google_cver=1&google_push=AXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZcljtqQhUKafrCQx4ufZxwaTUOxRc-lVkz5FV
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZc...
  • https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZcljtqQhUKafrCQx4ufZxwaTUOxRc-lVkz5FV&google_cver=1&g...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZcljtqQhUKafrCQx4ufZxwaTUOxRc-lVkz5FV&google_cver=1&google_gid=CAESEKXVi9VGxZIxFpgaRw2Q94A&google_hm=UTc1NzQ4NTI4OTExMDczMjY1MTA=
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 02 Jan 2024 12:34:49 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSGG4cGHMmzpIFfudM4VvwN37dla9EIWRzm44zUFctEt2cm3IzZ646bwa8nX1SZcljtqQhUKafrCQx4ufZxwaTUOxRc-lVkz5FV&google_cver=1&google_gid=CAESEKXVi9VGxZIxFpgaRw2Q94A&google_hm=UTc1NzQ4NTI4OTExMDczMjY1MTA=
Content-Type
text/html
Cache-Control
max-age=50950
Connection
keep-alive
Content-Length
154
i.match
s.tribalfusion.com/z/ Frame ABA7
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-k...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk...
43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f309d55d394bc1-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
65
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT_DrFInWLRZtePlvgAgATzBNg8cRvbvBQlFbiTKtvHuwOhd37vlnUeGKWkM9z-1J5juaL63AQRYNomR-b0PT1vO64o3Mk-kxgY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f309d32c524bc1-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame ABA7
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESELwiVLoc1QAAN8IX5-zynSE&google_cver=1&google_push=AXcoOmQk33YiPTHpLaarOxte9CWr7bCeoI5qaLuv6UNCGXLsR4r_ZNt3A4wJRgvT0jzKlS_Vc_K4P9E3vQx2B6KR1pg_Kw9qRJdKq-w
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQk33YiPTHpLaarOxte9CWr7bCeoI5qaLuv6UNCGXLsR4r_ZNt3A4wJRgvT0jzKlS_Vc_K4P9E3vQx2B6KR1pg_Kw9qRJdKq-w&google_hm=UjM1Q0E1XzEwR...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQk33YiPTHpLaarOxte9CWr7bCeoI5qaLuv6UNCGXLsR4r_ZNt3A4wJRgvT0jzKlS_Vc_K4P9E3vQx2B6KR1pg_Kw9qRJdKq-w&google_hm=UjM1Q0E1XzEwRUE4NjI3N18xNzZGOERCMw%3D%3D
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmQk33YiPTHpLaarOxte9CWr7bCeoI5qaLuv6UNCGXLsR4r_ZNt3A4wJRgvT0jzKlS_Vc_K4P9E3vQx2B6KR1pg_Kw9qRJdKq-w&google_hm=UjM1Q0E1XzEwRUE4NjI3N18xNzZGOERCMw%3D%3D
Date
Tue, 02 Jan 2024 12:34:49 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-387203689; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
349
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame ABA7
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELhLpUyl0j5PI8mbb3E_lNE&google_cver=1&google_push=AXcoOmTGn7ST_IKyPBKGr3l-kQfs_7j_Gz6dCJPVkdh0uHPtzOcc3NBQREjsU8wH_Korcm0RCXTs4isooJR2IU5GBORctbB...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGn7ST_IKyPBKGr3l-kQfs_7j_Gz6dCJPVkdh0uHPtzOcc3NBQREjsU8wH_Korcm0RCXTs4isooJR2IU5GBORctbBJ-ZgTD1c&google_hm=eS1HdUZJQjQ5RTJwSHl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGn7ST_IKyPBKGr3l-kQfs_7j_Gz6dCJPVkdh0uHPtzOcc3NBQREjsU8wH_Korcm0RCXTs4isooJR2IU5GBORctbBJ-ZgTD1c&google_hm=eS1HdUZJQjQ5RTJwSHlHY29WeDlWVjZ4ZDViUVZCTmlDbn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 12:34:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTGn7ST_IKyPBKGr3l-kQfs_7j_Gz6dCJPVkdh0uHPtzOcc3NBQREjsU8wH_Korcm0RCXTs4isooJR2IU5GBORctbBJ-ZgTD1c&google_hm=eS1HdUZJQjQ5RTJwSHlHY29WeDlWVjZ4ZDViUVZCTmlDbn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame ABA7
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEBHB4T8KqbZT4wX-bGkDpCA&google_cver=1&google_push=AXcoOmTLSjVn36179A3a4flnJ1135ixF_G6O6nsP9XV81KEnf6MPZEJ1PV6d7YxsXDnGkT63uOEro5vrFAOr...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLSjVn36179A3a4flnJ1135ixF_G6O6nsP9XV81KEnf6MPZEJ1PV6d7YxsXDnGkT63uOEro5vrFAOrTKUaIPNEzNa3ZKKDcO57
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLSjVn36179A3a4flnJ1135ixF_G6O6nsP9XV81KEnf6MPZEJ1PV6d7YxsXDnGkT63uOEro5vrFAOrTKUaIPNEzNa3ZKKDcO57
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTLSjVn36179A3a4flnJ1135ixF_G6O6nsP9XV81KEnf6MPZEJ1PV6d7YxsXDnGkT63uOEro5vrFAOrTKUaIPNEzNa3ZKKDcO57
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame ABA7
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEIHkI6JQ-HjRpw4IQYF3fN4&google_cver=1&google_push=AXcoOmSoeZKyPCd_cAXxGWCvkTivN9I7vBXd13WChJLo1Rw8l82Ov6_OjYWJMHiXAUmPrpJ7AH8uY-C09AsDbf4DL1Iz4dL...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSoeZKyPCd_cAXxGWCvkTivN9I7vBXd13WChJLo1Rw8l82Ov6_OjYWJMHiXAUmPrpJ7AH8uY-C09AsDbf4DL1Iz4dLZTM0B0SHZmw&google_hm=MTYwM...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSoeZKyPCd_cAXxGWCvkTivN9I7vBXd13WChJLo1Rw8l82Ov6_OjYWJMHiXAUmPrpJ7AH8uY-C09AsDbf4DL1Iz4dLZTM0B0SHZmw&google_hm=MTYwMDcwNDE2MTc0NDQ4MzU1OQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmSoeZKyPCd_cAXxGWCvkTivN9I7vBXd13WChJLo1Rw8l82Ov6_OjYWJMHiXAUmPrpJ7AH8uY-C09AsDbf4DL1Iz4dLZTM0B0SHZmw&google_hm=MTYwMDcwNDE2MTc0NDQ4MzU1OQ==
Date
Tue, 02 Jan 2024 12:34:49 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
attr
cm.g.doubleclick.net/pixel/ Frame ABA7 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K2tVZW8KI9hKYrjdFXoDZcAnmFr_SjUQMDWfscoHDn3IFADHErt6OJv3hLx49KpU4d4oOOiA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 978C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
69488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 17:16:41 GMT
etag
48472445140208031
expires
Tue, 02 Jan 2024 17:16:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5D19 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab1f4efb036796f88657f041c0165a3d2e6625efe93d0ceb7185e32aeb1c3158

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
vevent
nym1-ib.adnxs.com/ Frame 5D19 		0
553 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br&e=wqT_3QLBB-jBAwAAAwDWAAUBCOiF0KwGEMWCj-WSq577OBgAKjYJLZT4l1M4kT8RnkL0mDzJkD8ZAAAAIIXr8T8hng0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4kugCgAEBigEDVVNEkgUG8HGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCK2h0dHBzOi8vYXBwLmJpZ29ubGluZS50b3AuZW5xdWV0ZWJiYi5jb20uYnKAAwCIAwGQAwCYAwmgAwGqA7oDCtACaHQJQRx3d3cuYmluZwEt8HkvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9ZGVlMzMwOTAtMjhlNS00NDY3LTlkNDItNDZiZWJmMDUxMmRhJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVR1cIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOAGSOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQB8X3AyZl96Ym92eXImYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM0MTA0NjAxNTM0MzAyNzY1MzgxIgkzODE4NDY3MTQqBCFt8IE6OFUyVmhjbU5vUVdRak56RTNORE16T1RFek9EY3dNRFlqTWpNeU16VTBNamswTnpZMk9UVXhOdz09wAPYBMgDANgD89PCAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERZFYiAUBmAUAoAWWqduOn9WwngnABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBY-9I_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB5LoAtIHDRVlASYI2gcGAV60GADgBwDqBwIIAPAHjYWHA4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=1dfe11b66a5f9dfae2a72d82c68a4126197371ca&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=1847658671751871254&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=6929499&sw=1600&sh=1200&pw=300&ph=322&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
an-x-request-uuid
73f19645-b6d4-466a-8174-1a3f52068e81
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5D19 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6oRj6AKUZaubIJ-soPMP4o-O-ATS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTYzMzAwMTgwNjkxOTU4MznIAQmoAwHIAwKqBO0BT9BqTpZ4ihvgPiA0WjGayfC3VrdL4OS6bNCYNZ48eVsc3iWrDkhBJNAgHhLjZT7cvYOA5Uege_F8TBPzSDhjHTd6q1-Jw3l5g7iuyK3gE3Qm1SzJnrfdBx91rniJhWev_rfVibi9w1EMbicKOS_4XpNKIaVyA8zfQ6Yos348X821KnRwJkutRGTd6bTa_6b9S3CCsy2wgXz9c3WoCJwDxNzv2k7mHtRsFIYxngX46v4TB0ibX9mgngD8nH174nBzP4-S1es_pY3QTyNK7ffbRz3M4sgYzWHQ_ATZ7_i-pZNKIliHr4gCA1km_5PRgAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WOaRgsvbvoMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTYzMzAwMTgwNjkxOTU4MzkYAA&sigh=oDjWdHxP33w&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_2QnE_Wti5kVxjZsLpV91bh5VkLxZGE5lQXVxJBiZ3dwBQowkGFx6szYRCYfOUlWpHLvkVSPRhxgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 02 Jan 2024 12:34:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
it
nym1-ib.adnxs.com/ Frame 5D19 		0
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br&e=wqT_3QLBB-jBAwAAAwDWAAUBCOiF0KwGEMWCj-WSq577OBgAKjYJLZT4l1M4kT8RnkL0mDzJkD8ZAAAAIIXr8T8hng0SACkRJNAxAAAA4FG4rj8w2_imAzi1AUC1XkjjA1C6iYq2AVi_sT1gAGifpFR4kugCgAEBigEDVVNEkgUG8HGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC8AbgAqKoMeoCK2h0dHBzOi8vYXBwLmJpZ29ubGluZS50b3AuZW5xdWV0ZWJiYi5jb20uYnKAAwCIAwGQAwCYAwmgAwGqA7oDCtACaHQJQRx3d3cuYmluZwEt8HkvYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9ZGVlMzMwOTAtMjhlNS00NDY3LTlkNDItNDZiZWJmMDUxMmRhJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjImb0FkVR1cIHB1Ymxpc2hlcgE4IDYyNjQ1MzMwJgEOAGSOcQC4cnR5cGU9bnVybCZ0YWdJZD02OTI5NDk5JnRyYWZmaWNHcm91cD1rbmFxZV8zYyYNFghTdWI2GQB8X3AyZl96Ym92eXImYWlkPSR7QVVDVElPTl9JRH0md3AdEbhQUklDRX0SBTEyMDg1GhM0MTA0NjAxNTM0MzAyNzY1MzgxIgkzODE4NDY3MTQqBCFt8IE6OFUyVmhjbU5vUVdRak56RTNORE16T1RFek9EY3dNRFlqTWpNeU16VTBNamswTnpZMk9UVXhOdz09wAPYBMgDANgD89PCAeADAOgDAPgDA4AEAJIEBC91YXCYBACoBACyBAwIABAAGAAgADAAOAC4BADABADIBADaBAIIAeAEAfAERZFYiAUBmAUAoAWWqduOn9WwngnABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBY-9I_oFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB5LoAtIHDRVlASYI2gcGAV60GADgBwDqBwIIAPAHjYWHA4oIAhAAlQgAAIA_mAgBwAjwBtIICQj___8_EAIYAA..&s=1dfe11b66a5f9dfae2a72d82c68a4126197371ca&pp=ZZQC6AAIDasIaBYfAAOH4gQC3CGBZkjSiyBPfw&ppt=1&pubclick=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCiK86AKUZaubIJ-soPMP4o-O-ATS4Nfgbo-ktpOTCsCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTYzMzAwMTgwNjkxOTU4MznIAQmoAwHIAwKqBPABT9BqTpZ4ihvgPiA0WjGayfC3VrdL4OS6bNCYNZ48eVsc3iWrDkhBJNAgHhLjZT7cvYOA5Uege_F8TBPzSDhjHTd6q1-Jw3l5g7iuyK3gE3Qm1SzJnrfdBx91rniJhWev_rfVibi9w1EMbicKOS_4XpNKIaVyA8zfQ6Yos348X821KnRwJkutRGTd6bTa_6b9S3CCsy2wgXz9c3WoCJwDxNzv2k7mHtRsFIYxngX46v4TB0ibX9mgngD8nH174nBzP4-S1es_pc_SbrGISQ2208e4V1ZBSdfU3w5d5tamfDHMe9w7L6IuG5mnHf5Fknt1gAbA0p-GyLix-PEBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WOaRgsvbvoMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0uPb8WQ_z0XiaXCh-X1xYrtpxUZQ%26client%3Dca-pub-6330018069195839%26adurl%3D&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
an-x-request-uuid
4ddc363a-da6f-4dff-b479-9b5879996ef0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 978C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbN...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4Uvv...
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f309d55d3a4bc1-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
91
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBOck4_6uoJiasStLLmX4ss&google_cver=1&google_push=AXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTSwff64YjAfmgxLLdQDNZRHK9Fgi9Z2juG4ihgnbHtCbShOEZO8cNzLlVFA1V31IXbN-dZhGte9lGKb_8RlUDLk2O4UvvbNw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
83f309d33c5c4bc1-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 978C 		0
0
pixel
cm.g.doubleclick.net/ Frame 978C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJOka00S9TVOIqT63nD0wms&google_cver=1&google_push=AXcoOmTa8XCJpKOX1teAMzbiS73VrjyxAzs-nSPdg48hMo4PCShpEx57JiFNaPyHk_Muu_fRdVrwfTtvJzUMwI1CvGgphrwz1wg06Q
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D8A318B020A4D588B4CC29AC1211ACB&google_push=AXcoOmTa8XCJpKOX1teAMzbiS73VrjyxAzs-nSPdg48hMo4PCShpEx57JiFNaPyHk_Muu_fRdVrwfTtvJzUMwI1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D8A318B020A4D588B4CC29AC1211ACB&google_push=AXcoOmTa8XCJpKOX1teAMzbiS73VrjyxAzs-nSPdg48hMo4PCShpEx57JiFNaPyHk_Muu_fRdVrwfTtvJzUMwI1CvGgphrwz1wg06Q
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 02 Jan 2024 12:34:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9D8A318B020A4D588B4CC29AC1211ACB&google_push=AXcoOmTa8XCJpKOX1teAMzbiS73VrjyxAzs-nSPdg48hMo4PCShpEx57JiFNaPyHk_Muu_fRdVrwfTtvJzUMwI1CvGgphrwz1wg06Q
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 12:34:49 GMT
pixel
cm.g.doubleclick.net/ Frame 978C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELTFIJpaeZMmv45eNoREvLs&google_cver=1&google_push=AXcoOmTAtjlcvJoOhIhdB3LJkL_dbb3IptqRFCYv13M0qCsG3hU_-BYiBGM99IK5KdqgYoUR7gRDc09yXfrXn_AIee...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESELTFIJpaeZMmv45eNoREvLs&google_cver=1&google_push=AXcoOmTAtjlcvJoOhIhdB3LJkL_dbb3IptqRFCYv13M0qCsG3hU_-BYiBGM99IK5KdqgYoUR7gRDc09yXfrXn_AIee...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWYzOGU1ZWYtOTYyZS00YzU0LWIzM2ItMjE4NjI4ZGQzNGEy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=af38e5ef-962e-4c54-b33b-218628dd34a2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWYzOGU1ZWYtOTYyZS00YzU0LWIzM2ItMjE4NjI4ZGQzNGEy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=af38e5ef-962e-4c54-b33b-218628dd34a2
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=YWYzOGU1ZWYtOTYyZS00YzU0LWIzM2ItMjE4NjI4ZGQzNGEy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=af38e5ef-962e-4c54-b33b-218628dd34a2
date
Tue, 02 Jan 2024 12:34:49 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 978C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEO5H0Yh6H2Trdn1KNIROWdU&google_cver=1&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe1IVu0...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEO5H0Yh6H2Trdn1KNIROWdU&google_cver=1&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ0NzczNjg1NTM4MjU3NjgxNw&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe1IV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ0NzczNjg1NTM4MjU3NjgxNw&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe1IVu01PZQfmh2aN663ubzmYrfNA
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODQ0NzczNjg1NTM4MjU3NjgxNw&google_push=AXcoOmS_uRTTpHCmNapC6uvfjyskpkiIOP3Lj6_B5ZNkk1hjgj0u1bxFbDlyBiYebxMJ2QDFJhe1IVu01PZQfmh2aN663ubzmYrfNA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 978C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEAtzjM_1t99q-iZaYQoec_w&google_cver=1&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfB...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEAtzjM_1t99q-iZaYQoec_w&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfB...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfBIHu-7czFv2TMkhx&google_hm=U1B5NWREODZFc2hmWkh6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfBIHu-7czFv2TMkhx&google_hm=U1B5NWREODZFc2hmWkh6dERTT3A=
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:49 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmRzbrHb95KV3ZTTXhnnePidiK_yCf-5X1WX0jAvTmNK6FMI-HuhLKCdSv6NEr5d21_TXeT3_xHDs8TfBIHu-7czFv2TMkhx&google_hm=U1B5NWREODZFc2hmWkh6dERTT3A=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
236
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 978C
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEECyFzq4mlatiKDpMIN3ia0&google_cver=1&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3o...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEECyFzq4mlatiKDpMIN3ia0&google_cver=1&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3o...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NjJjZWVjYjJjMzhkMzkxZQ&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3obFngnZx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NjJjZWVjYjJjMzhkMzkxZQ&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3obFngnZx67L6fQ
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=NjJjZWVjYjJjMzhkMzkxZQ&google_push=AXcoOmRPrtVi8aa_80qxeLESQ5y5s_hweuiCO8pXn-cGuKt-BAJlHIH7RAdFVZns_ZRbcX-4Ka3wWlOEygD3GnC3obFngnZx67L6fQ
date
Tue, 02 Jan 2024 12:34:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 978C 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5j2GCfkIkh06dvTcpThUExDZ3OryBEl6fkZsUhhPo4871c_PlauKYUYnZ73DZlty8pS5LHg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6330018069195839&output=html&h=250&slotname=2120920013&adk=2552748265&adf=685434138&pi=t.ma~as.2120920013&w=300&lmt=1704198888&format=300x250&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704198888483&bpp=6&bdt=1065&idt=6&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C300x250%2C850x212&nras=1&correlator=1382143617713&frm=20&pv=1&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1115&ady=3423&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44795922%2C95320884&oid=2&pvsid=1575176703098264&tmod=1392576887&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=3&fsb=1&dtd=11
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame EA29 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 14:05:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
599389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 14:05:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa827aa7379bdd5c150347a04903391f240c1610b9c9d539819b6a2d4c2829bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12309
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 Jan 2024 12:34:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 621E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
37378
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 02:11:51 GMT
expires
Wed, 01 Jan 2025 02:11:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0B30 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5fe44ad4c9b756a66e695ed3748ff3c22804135cf7518012a03a8490ca59d66a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uDRVa5EtxfMUaIazWTM_HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uDRVa5EtxfMUaIazWTM_HA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:49 GMT
expires
Tue, 02 Jan 2024 12:34:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 621E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 06:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
22145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 01 Jan 2025 06:25:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0B30 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=1575176703098264&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 621E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?oQWt2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=1575176703098264&bg=!8fKl8r3NAAY3kmNgF5I7ADQBe5WfOKEkeFv1HE-h8peh1FSx9SzT_tMVVqQe0XVY18fAbsnD090Detrr9ukjhiT0pI_fAgAAAEFSAAAAA2gBBwoAYxY6ipZILOsnE6Iymb5qrO5RWX_mWHw9Vj8b8njwsvEPRkbS-k507APJxS4Zpp-xQl0Yl9f5x0mVrgQtQH0KUgE0yJ9h3Qb1Pfmjj1a4sd-t6m850PcNTtvTCkmQi3SR1BNoa5kC9CpIMrdVFhtLGbNbFDM8usA8iIgqUAPQlyEk9Yqd3qW-2IidfBsbCBC6vUvS8fN7idVi5HRc3gCbllFVv5t1xKrg9ojdRYfk9G8gr33Vf6PTbQSC9Sc6m6S-XHnUiC7VQSBSQf5Q-EOtqckeZEdaJuEqUkCzQY2dMTPDd_y3OiIQS1sY-LI7i8RNUd2_OFESjeZLM7ktwPOIf_AF3Y64b1VRwunodBnnEuuT-EWNMkriZRsU4rDpm6U7Aa5vioJKC-d3TaVOalnlLlVu9I-DOw5Uwcc9YBKo1931neg_D7wMgXNjw1H4_h0598yzNGY5Bu6CfDOJeO8iQfVfMjTQsY1gUcEA-eqsMRxUG-IX6zpPUgPKnnjSAHwWWFt3bW7HqQQiaB4B_vekKOkfMAc8mNX4guFtY75EcJ8xmr5GtxM8v3aJjgV36VAe5u9mtY-K_Y2m858qtmDSYBOQJxsyPTGfr9u2F47itXQOLARcHnM2mgneq3_8LA888DhX-FJXT7fqIKBi6VyXhkA6YjaFrFkRrDaNw7FeK67ecvAW6-H9JT3aw6Pq8vcnhak7Cx0vdWjQEhs_IsgHB7Ba9pfi5bCfAyort0bmIplTZjRgnZQGR3WhcjoKLCF8bDexUzqR1z0K0WlrSAbWbYMtDddJH93hTks5t-JUMLTr25foq3wt042DM2waPGmcX7AVC4PMVIkXBqDjNWyBHeTsS7hrKZ62w1veNYRd6H9rwPqmlkKtHsVwi_Unpew08xFA_8S7OVX7cAg-dE1X2X4oWzaSGsFu1gqmb9wOIxhu9ePlM_bOeSm9e3QyjLyEXiuijleOK9trape6-D6786KuVHbIi5vN5_ENO7--1ugRZ1fInvwar-GyHjoCafcLmzszpcMVIHzzOcHaqvspoJs5fQh5PEr1sIVTNCD9SYb-ggFJ2m3Lrau__Bm2XLslEPVKXDPEjrO72fEkeCWMCvJ2t9Hd1wvD4YEzApVWm7yyMtKDecHB6B5Ztg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame DEF3 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lqwc0mr8&c=5778494361435&slotId=2889247180717.5&qqid=CIHc6MrbvoMDFZgqaAgdHUYFhQ&umsem=0&ple=1&ape=1&met.4=vil.lqwc0mxs~vfl.lqwc0n1p
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/aaaa0c68f83bc91a42091e4a37f3fa3d.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c06::5e Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/pt_BR/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js
Requested by
Host: app.bigonline.top.enquetebbb.com.br
URL: https://app.bigonline.top.enquetebbb.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
46a3ce1eeea0cd80006f409482d8baf6246e28cec4c616bfe81dcccd04fd1204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 12:34:50 GMT
content-md5
aJhyikow9GaRKf+yiD2+Dw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
LBfyvitQUOdP4c3ctZrol3Yx0Y2kZ3rGB+MRU30R0mLyjY3dr3bHe0aDNW6fN05NdKXssLnyF9s/mEyRXm5zdA==
x-fb-content-md5
cfa922503a81e7099377020f6d6c6e7f
cross-origin-opener-policy
same-origin-allow-popups
etag
"22d508106dd58fe12710783a475a40c2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:37:37 GMT
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=74620262976&lsavail=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
date
Tue, 02 Jan 2024 12:34:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		459 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15410&site_id=96324&zone_id=2050442&size_id=2&alt_size_ids=55&rp_schain=1.0,1!premiumads.com.br,c5f23a3b-3ee9-44b5-8574-4c24c1580399,1,,,&rf=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&kw=bbb23%2Cbbb23%2Cbig23%2Cbbb2023%2Cbbb2023%2Cgshowbbb%2Cbbb23votar%2Cenquetebbb23%2Cenquetebbb23big2023%2Cbig23%2Cbbb2023%2Cbbb22%2Cbbb22%2Cbig22%2Cbbb2022%2Cbbb2022%2Cgshowbbb%2Cbbb22votar%2Cenquetebbb22%2Cenquetebbb22big2022%2Cbig22%2Cbbb2022%2Cbbb21%2Cbbb21%2Cbig21%2Cbbb2021%2Cbbb2021%2Cbig2021%2Cbig21%2Cbbb2021%2Cbbb%2Cenquete%2Cbbb18%2Cbigbrotherbrasil%2Ccasavigiada%2Cvotarbbb%2Cvoto%2Cvotar%2Cenquetebbb%2Cbbb18%2Cbig18%2Cbbb2018%2Cbbb2018%2Cbig2018%2Cvotarbbb%2Cenquetebbb%2Cenquetebb%2Cpared%C3%A3o%2Cvote%2Cbig18%2Cbbb2018%2Cfazenda%2Cafazenda%2Cafazenda15%2Cro%C3%A7a%2Crecord%2Cr7%2Cvotarfazenda%2Cvota%C3%A7%C3%A3obbb%2Cenquetebbb%2Cparcialbbb%2C&tg_i.domain=app.bigonline.top.enquetebbb.com.br&tg_i.page=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&tg_i.pbadslot=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&tk_flint=pbjs_lite_v7.54.5&x_source.tid=39aacbae-5706-4ff1-9fc3-5c9d044c766b&l_pb_bid_id=16463c567a5e88f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=39aacbae-5706-4ff1-9fc3-5c9d044c766b&rp_hard_floor=0.0618&rp_maxbids=1&p_gpid=%2F75894840%2C21757894217%2FENQUETE_BBB_HEADERSTICKY%23P_ENQUETE_BBB_HEADERSTICKY_0&slots=1&rand=0.7242820170732676
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f430d73220fdc94f0ea382e4b09340deacd61738f85786df3eaea69a2ac6237a

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
459
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.5&referrer=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&tmax=2500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.203.80.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-80-35.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
accept-ch
sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUM45834
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d42cf300087dde82d619952ccbe596a0ec3f6845057d7b75299aa58ea8ea94ff

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
35
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 02 Jan 2024 12:34:50 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ff539acbae62f5e970cf513e9024b9f180117afc74ae5bada176b53d42e4315f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:51 GMT
an-x-request-uuid
0028395b-cecb-48e8-b854-ff4c4ec07020
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
3946375
bs.yandex.ru/prebid/ 		0
237 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/3946375?imp-id=1&target-ref=app.bigonline.top.enquetebbb.com.br&ssp-id=10500
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
last-modified
Tue, 02 Jan 2024 12:34:50 GMT
x-yandex-req-id
1704198890860799-1440640490499810537200430-production-app-host-vla-pcode-482
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Tue, 02 Jan 2024 12:34:50 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704198887443&gcd=11l1l1l1l1&dma=0&cid=1513113727.1704198888&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1704198887&sct=1&seg=0&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&_s=4&tfd=3975
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/pt_BR/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/sdk.js?hash=ee5464f1c408ca8a4aa007cd45dad915
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d877bd244ace8fdc2194396052b01e2b0fed74321dace85bf206d6d546d6d6b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Origin
https://app.bigonline.top.enquetebbb.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 02 Jan 2024 12:34:50 GMT
content-md5
YqX/XsZQL0rVVSvxmlpoTQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86910
reporting-endpoints
x-fb-debug
jruTJMnKXg+Snndbmu21Ty3pDlqQC9A2/ubJj7oWUxpn81RrvlqI+nfpP90oHEwyH/07l1Io5LdPKOMtwFiIxg==
x-fb-content-md5
027c903c2703c11628139ddda41f4929
cross-origin-opener-policy
same-origin-allow-popups
etag
"b473b10d0d8ac44f6815aebdab4d06b5"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 01 Jan 2025 12:17:38 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1575176703098264&correlator=2493206335648843&eid=31079957%2C31080078%2C31080122&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=75894840%3A21757894217%2CENQUETE_BBB_HEADERSTICKY&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&ifi=12&didk=3492932515&sfv=1-0-40&fsbs=1&rcs=1&eri=1&sc=1&cookie=ID%3Db1ae3e7c33ee6f2a%3AT%3D1704198888%3ART%3D1704198888%3AS%3DALNI_MZ4Zx-_vf2ab8gc3VJPxZltxHUOug&gpic=UID%3D00000a05d90615a5%3AT%3D1704198888%3ART%3D1704198888%3AS%3DALNI_MZ-swE3fPB8RSowax9wgz9k-Fvaow&abxe=1&dt=1704198891099&lmt=1704198891&adxs=315&adys=1245&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&vis=1&psz=0x-1&msz=1000x-1&fws=644&ohw=1600&ga_vid=1513113727.1704198888&ga_sid=1704198888&ga_hid=826802263&ga_fc=true&dlt=1704198887418&idt=334&prev_scp=data_type%3Danchor%26pp_sticky%3Dbottom%26pp_refresh%3Dtrue%26pp_loop%3D01&cust_params=url%3Denquetebbb.com.br%26categoria%3Dhome&adks=2440819915&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28031808ac5c5297b997786aa8431f314169909959994298ec0015569c79b4cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20998
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 12:34:51 GMT
syncframe
gum.criteo.com/ Frame FB8A 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=app.bigonline.top.enquetebbb.com.br
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:50 GMT
server
Kestrel
server-processing-duration-in-ticks
352852
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 03 Jan 2024 12:34:51 GMT
sid
mug.criteo.com/ Frame FB8A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=enquetebbb.com.br&sn=ChromeSyncframe&so=0&topUrl=app.bigonline.top.enquetebbb.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=l5NtmXwxTjlSTVpZNkcyRGhqRUdkTXhQV21pYW9ZV2d1YTFmL2dvNEUzTmdUWkxHYmxVMUxYNy82dUdrUFZYMEJYT2ZDa2xvcjlXbnJibFZRQUg0dFl3Sk80OHA4TFphdVBDU3dpMXpoN0VxQ09iRzZnUWhrS0ZMZDRlZ1...
452 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=l5NtmXwxTjlSTVpZNkcyRGhqRUdkTXhQV21pYW9ZV2d1YTFmL2dvNEUzTmdUWkxHYmxVMUxYNy82dUdrUFZYMEJYT2ZDa2xvcjlXbnJibFZRQUg0dFl3Sk80OHA4TFphdVBDU3dpMXpoN0VxQ09iRzZnUWhrS0ZMZDRlZ1F5V1BzUkNwaFRUQnIvMTBlaHBvdVRSRCtmMllubDV3dkplNzE3RVkvSWZYTnlxb3FKNGlDU2tXS0Z1Z201ZFdENHhXYWxXWUJxalBsT2M4Nk5WV0JIdVVFWDJ2ZWZVK2Q1NDNMY0doZWpRcENrVUMzZWQrMVVEZXVyZXFCc0lkb1dPSkZ3SnhGTlJETVhmSlkyR3hDUjA2UythU0ZTMUo2ZzFSWGZvWlNGQUVLL1ErU2haND18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e713f164dab50349afdb77e0d94494e7899c5ab012974e95aa4f1608ce485ba3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1938800
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=l5NtmXwxTjlSTVpZNkcyRGhqRUdkTXhQV21pYW9ZV2d1YTFmL2dvNEUzTmdUWkxHYmxVMUxYNy82dUdrUFZYMEJYT2ZDa2xvcjlXbnJibFZRQUg0dFl3Sk80OHA4TFphdVBDU3dpMXpoN0VxQ09iRzZnUWhrS0ZMZDRlZ1F5V1BzUkNwaFRUQnIvMTBlaHBvdVRSRCtmMllubDV3dkplNzE3RVkvSWZYTnlxb3FKNGlDU2tXS0Z1Z201ZFdENHhXYWxXWUJxalBsT2M4Nk5WV0JIdVVFWDJ2ZWZVK2Q1NDNMY0doZWpRcENrVUMzZWQrMVVEZXVyZXFCc0lkb1dPSkZ3SnhGTlJETVhmSlkyR3hDUjA2UythU0ZTMUo2ZzFSWGZvWlNGQUVLL1ErU2haND18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
488582
content-length
0
expires
0
container.html
1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E54A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:48 GMT
expires
Wed, 01 Jan 2025 12:34:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RQSNYVQKT8&_ono=1&gtm=45je3bt0v9135313823&_p=1704198887443&gcd=11l1l1l1l1&dma=0&cid=1513113727.1704198888&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=kAAI&sid=1704198887&sct=1&seg=0&dl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&dt=Enquete%20BBB%20-%20Votar%20BBB%2023&_s=5&tfd=4805
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RQSNYVQKT8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nmedianet.js
contextual.media.net/ Frame E54A 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUTX61X6&ydspr=1
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd8a170f5013195015b51c6d3cedf48702d5fdab82cdfc8449ec791e7f4fa99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-mnt-h
21-tp9r
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Tue, 02 Jan 2024 12:34:51 GMT
server
Apache
etag
"6af336150ec51d28744ed112efd9d1bc"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-5h9m
timing-allow-origin
*
content-length
39220
expires
Tue, 02 Jan 2024 12:39:51 GMT
release-20231121-135-adperformance.js
warp.media.net/rtb/resources/ Frame E54A 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20231121-135-adperformance.js
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Tue, 02 Jan 2024 12:34:51 GMT
x-guploader-uploadid
ABPtcPrHbBlvEvxV9JZPdIuPUtSPCyDx2B_gprnpiJvmF4oXtmicvDd_rZM-PbNyxluXDNTlTynqrlmceQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25147
server
UploadServer
etag
"841dabce0b477a93d9cf7379b9eb1368"
vary
Accept-Encoding
x-goog-hash
md5=hB2rzgtHepPZz3N5uesTaA==, crc32c=iBXD1A==
content-type
application/javascript
x-goog-generation
1700562102250666
cache-control
max-age=3600
x-goog-stored-content-length
73447
expires
Tue, 02 Jan 2024 13:34:51 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E54A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
83684
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:07 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame E54A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 13:20:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
83686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 15 Jan 2024 13:20:05 GMT
l
www.google.com/ads/measurement/ Frame E54A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTorx9BlGfKXq2igdQEsIC6KGCxoUqburoJyGZ08qF7t5vm3ZIniAYNG6vMApx4go64cG-UcgR9wBGVpIp6p_S46MEI7Q
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E54A 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 16:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
416675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 Dec 2024 16:50:16 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E54A 		194 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62516
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Jan 2024 12:34:51 GMT
browserfp.min.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame E54A 		131 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUTX61X6&ydspr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.179.50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-50.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
9f930bdaa248eb6bcc523cbb2d62ec297427dc658c0ce121e9b18ee8f0ddcd70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 12:34:51 GMT
Content-Encoding
gzip
x-powered-by
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300
Access-Control-Max-Age
1800
Connection
keep-alive, Transfer-Encoding
Transfer-Encoding
chunked
Expires
Tue, 02 Jan 2024 12:39:51 GMT
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 3DAB 		73 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUTX61X6&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
956f488ad5f9e03ec3bff2b1e2b429e3e4b6b238ef8a98aae4b954336a991d91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
30829
content-type
text/html
date
Tue, 02 Jan 2024 12:34:52 GMT
expires
Tue, 02 Jan 2024 12:34:52 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-lvdg
bping.php
lg3.media.net/ Frame E54A 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2674&&vgd_cdv=1140&vgd_cage=11&vgd_tsce=L366&vgd_mcf=76592&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUTX61X6&crid=841137315&vi=1704198891513750122&ugd=4&lf=6&cc=US&sc=IL&lper=100&wsip=170785131&r=1704198891821&rrr=Ywp_ft74BEcR2dUroG8ZbUGoCc7reobVfOvGCmSaQtr2shmP0HM2SxWJSQBeruw5&requrl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9h~OmYMGv9.Xu~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9f9A~8xLjMGvFhH.WF~xLjM7UNv9~xLjMLf1MGv9~Q7OvfHH9WuiiuX~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGv9~L88Ex1vuuH%2CuuH~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9ufu~L1Oev9.999%2C9~xLjMGvu.HW~ejfLMxLjMGv9~QYYMBLvh.uA9u~xLjMjvu9~QjevuA.Xh~yN17vou9~GGvuiF~QYYMYxjv9.FH~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvfu%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvAHWH~LUJv9%2C9~1AEMGvf.Ai%2CHh.Hu~QOvu~x8OvfV1ZdaYX%20KpjdrEjLO~NejfLMGv9.iF~G7OvFhuiA9fWHifiHih9fFAfAXHAXuW9u9ifWHFfF9HHiiAhWfHHAHuF9AAfihiWWWfWuAfWu9WH9F9Hfi9AHWiFAuH9uWihAW9X9hWuuWH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHf~%3DVvA9hW~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HuiWWiu~G1Q8QuvuiF~UGM77vuu~ONvW~ejfLMGvf.9A~77vhh9~eBMJ-Nv9.Wh~QYYMG8Ov9.9H~e8QMQOvHh~LkMNz7vu~xLjMLEQMGvi.A~QmGdv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyv9.iF~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9uuW~e8QMxLjMjv9~OQzGvHf9~J7vff~ejfLM8MGv9.9u~e8QMGvhhu.Ff~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHh~LkevHf~jfLMGvu999~BLMGvu.9u%2C9~QYYMQOvf9fH9u9f9A~L1OEv9.999%2C9~Q8OvWHuuAhAuX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.Wh~OfEMjvu9~Nejfv9.iF~AENkviii.WX~myMYQwv9.9h~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~LEQMGvHh.Hu~xLjMQLEQMGvi.A~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9H~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9H9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfHH9WuiiuX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Wh~EmQvA~1NM75EJvu~1OGjUvfHH9WuiiuX~LJkMNz7vu~1YEvu~myG8Ov9.9h9~GkjLv9.9H9~Qx8Ov%3DK4b4%3D%2Fh25wu_OIm%2FEJ8hV5i5R4~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QmGEv~-8OvKrtoExGoAFui9HXWWhuWh9Au~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfHf&ssld=%7B%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22I3%22%2C%22QQN75%22%3A%22Rxkk1jm%22%7D&vgd_bid=349065&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=20278&vgd_rakh=1704198891133494180&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=969428532&vgd_pgid=p0365459980t202401021234&vgd_pgids=1&vgd_uspa=0&vgda_l1btm=%5B%22SPAMPXL%22%2C%22PRLG%22%2C%22URLDC%22%5D&hvsid=00001704198891815016112663493870&gdpr=0&mspa=0&vgd_l2type=scs_newfl&vgd_end=2
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 12:34:51 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 12:34:51 GMT
checksync.php
contextual.media.net/ Frame 24FC 		27 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b70e33fdd2cc9cb3d9baf246b79f5bede81fa22b7242ac0930c21bae97263da4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9651
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 12:34:51 GMT
expires
Thu, 04 Jan 2024 12:34:51 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame E54A 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?pixel_len_bucket=6158&logid=awlog&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUF4235B&reqid=YhLdXi0jLZSAsAcWY6VSbA&vid=YhLdXi0jLZSAsAcWY6VSbA&dn=app.bigonline.top.enquetebbb.com.br&rawDn=app.bigonline.top.enquetebbb.com.br&requrl_dn=app.bigonline.top.enquetebbb.com.br&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br&cliIPV6=2602%3Affc8%3A0002%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=2&sc=NY&ct=Buffalo&zip=14202&pubid=pub-ADX-116310109131-pub-rep&tgtval=pub-ADX-116310109131-pub-rep&csip=rtb-appnexus-7fcc865bf5-gvp2v.SC&dtc=east_sc&zone=d&sd=1&ptype=23&tmax=300&xtmax=300&gdpr=0&gpp_present=false&app=0&sat=1&device_id=4&asn=20278&sckfl=1&suid=CAESECV7Zyh1TdNoVpei7Iy9yBE&sckfl2=0&smbrid=adx-2&usp_status=0&usp_enf=1&mspa_enforced=true&gqid=AD8Fdm4kbOng6vr3Vw5nGyr6bFLqfhDt2ESkuLiLgVgjPKMiUZOMo1gQfbHfeCZ8Age4YObG&pexid=ADX-pub-3619045887187031&geoll=true&is_ortb=false&commit_id=8fc9a08a&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-12-29+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&is_msnnative_src=false&proxy=envoy&header_lang=false&rtttime=54&req_tid_present=false&pvid=460&prvAccId=841137315&prvApiId=8CUTX61X6&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=969428532&prspt=headerBid&prvReqId=529420085795_2043961307_9694285324601&size=728x90&chnl=smm_migration_test&bdp=0.070&bid_uuid=b16ab72d9241d32e9dfd4e1c840b5973&cbdp=0.04&og_cbdp=0.070&ogbdp=0.07&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Frelated.investorfocus.net&dfpBd=0.04&dsrc=-2&dp=0&dbf=1&epc=841137315&s=1&snm=SUCCESS&pcrid=8CUTX61X6-841137315-1-23&tpbTkn=false&exid=218&bidflr=0.040&pbidflr=0.040&opbidflr=0.040&spbf=0&viewability=87&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1704198891351&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.07&dmm_erpm=false&dmm_ogerpm=false&bcrid=1700080807684000728009000059500&strg=smm_migration_test&vls=0&scrid=1700080807684000728009000059500&mang=1&pvdTmax=242&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&dt=O&mx_svc_mode=http&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sdr=false&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_tid_sent=false&mx_epbc=8CUTX61X6&mx_SPRIG=2&mx_bsBucket=0&mx_ssProfile=0&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=0&mx_sid=8CUF4235B&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=728x90%7C970x90&mx_bsProfileRa=0&mx_IAB2=2&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsWhitelistBucket=0&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_bsWhitelistAlgo=0&mx_gpid_sent=false&mx_commit_id=b29c8b4d64&mx_exp_tokens%3C%3E=IPBLOCK_DM%3AGCS%23%23ctx_canonical_exp%3Atrue%23%23launchexp%3Atoken1%23%23NedCkflWithData%3ALesBlk%23%23BF_store%3AGCS%23%23bsNed%3AvalidBid%23%23prll_req%3Atrue%23%23NedCkfl%3ADEFAULT%23%23BssTgtMig%3ADEFAULT&mx_isNed=1&acid=86932eb44ac7adf9ef948cf90f07bf40&rtime=32.0&wsip=mowx-lite-78f788cb9b-48q6z&ltime=38.0&act=headerBid&abs=0%7C0%7Cxtmax%3D300%7Cbrr%3D0&adtypes=0&adblk=2440819915&impId=1&reftime=15000&reftype=0&psrc=fail&mowxReqId=86932eb44ac7adf9ef948cf90f07bf40_1&policy_enf=2&pub_blk_enf=1&req_size=970x90%7C728x90&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=2&adpos=3&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=1&skadidfl=0&feedback_id=YhLdXi0jLZSAsAcWY6VSbA_1&supplyTagId=2440819915&mnrfc=1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&debug_ts=2024-01-02+12%3A34%3A51&__expireat=1704199491603&mview=1&lo_pvid=%5B460%5D&lo_dp=0&lo_bdp=0.070&lo_cbdp=0.04&actltime=39&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.07~dom_b%3D0.51~scd%3Dny~rae%3D0%2C0~dom_l%3D20~vl2r_sd%3D2024010203~iurl_b%3D674.86~url_tkc%3D0~url_r2a_b%3D0~std%3D2440819915~rat%3D0.000%2C0~ip%3D19J4TPabpCkji1vCIbU5z2~fbb%3D0~riipua%3D114%2C114~rc%3D1~risuid%3D0%2C0~rps_sd%3D2024010121~radv%3D0.000%2C0~url_b%3D1.48~vl2r_url_b%3D0~smm_wr%3D7.1301~url_l%3D10~slv%3D13.57~gcat%3D-10~bb%3D196~smm_mul%3D0.64~erpm%3D0.07~vl2r_url_kc%3D0E0~psi_c%3D21%2C3%2C0%2C0%2C0%2C0%2C0%2C0~bm%3D1~psi_d%3D3484~rke%3D0%2C0~a3p_b%3D2.39%2C47.41~sd%3D1~uid%3D2IaGjOm5qAWljDplrd~cvl2r_b%3D0.96~btd%3D6719302849294970263235435180109284626044993782443416033297988828132810840604290348963140189738050781184~uim%3D0~rkt%3D0.000%2C0~ogd2p_b%3D0.98~ss%3DNA~cc%3DUS~kb_dl%3Dpt~uiw%3D-1~ce%3D0~rcv%3D42~CI%3D3078~kb_uc%3D1~nts%3D2~kb_ul%3Dpt~kb_ccks%3D0~ct%3Dbuffalo~bss_KTW%3DNA%2CNA~basis2%3D196~bdt%3D1704198891~basis1%3D196~kb_tt%3D11~dc%3D8~vl2r_b%3D2.03~tt%3D770~vw_exc%3D0.87~smm_bid%3D0.04~vis_sd%3D47~rf_cnt%3D1~url_rps_b%3D9.3~sobj%3D0~dc2%3D1~v_asn%3D20278~last%3D~cvog%3D0.96~vis_url_b%3D0.56~vl2r_i_sd%3D2024010118~vis_url_l%3D0~dsnb%3D420~et%3D22~vl2r_i_b%3D0.01~vis_b%3D771.62~vl2r_url_vi%3D1E-16~url_tvi%3D0~vv%3D0~cvl2r_sd%3D47~rfv%3D42~l2r_b%3D1000~wr_b%3D1.01%2C0~smm_sd%3D2024010203~radp%3D0.000%2C0~sid%3D841137315~url_rps_kc%3D0~kb_src%3Dkbb~vwu%3D0.87~d2p_l%3D10~cvl2%3D0.96~3pcf%3D999.85~og_msh%3D0.07~dmm_strg%3Dsmm_migration_test~d2p_b%3D0.99~rps_b%3D47.41~url_srps_b%3D9.3~rkwp%3D0.000%2C0~rkwd%3D0.000%2C0~isRef%3D0~isif%3D0~url_rpc_b%3D0~bid%3D0.04~kb_pt%3DHomepage~url_rps_rv%3D0~cbdp%3D0.040%7Esd%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D2440819915%7Esupply_tag_id%3D%7Edetected_tag_id%3D%7Eviewability%3D0.87%7Epos%3D3%7Eac_type%3D1%7Eadblk%3D2440819915%7Eref_cnt%3D1%7Eamp%3D1%7Eogbid%3D0.070%7Ebflr%3D0.040%7Esuid%3DCAESECV7Zyh1TdNoVpei7Iy9yBE%7Edtc%3Deast_sc%7Edmm_erpm%3Dfalse%7Edmm%3Dsmm_migration_test%7Ebdpcapd%3D0%7Edalg%3Dsmm%7Esobp%3D%7Exid%3DADX-pub-3619045887187031%7Ehtml%3D1%7Esmm_api%3Dv1~ibc%3D1~nsz%3D2~tgs%3D728x90%7C970x90~bsb%3D0~bsp%3D0~tmx%3D242&utime=487&sf=0&cpr=0.5846753002613216
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 12:34:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1058 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
69490
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 17:16:41 GMT
etag
48472445140208031
expires
Tue, 02 Jan 2024 17:16:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E54A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e611fd7baa19a3ecad5f87083a7a3c47d8dc6052854d34c9e56a8b1d56f3528

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame E54A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cscx66wKUZd3EDNmtjvQPks2NyAe-laSvbPfa0tOsDMCNtwEQASAAYMnujovApIwQggEXY2EtcHViLTM2MTkwNDU4ODcxODcwMzHIAQngAgCoAwHIAwKqBJ4CT9AmCsAhUf7fIU15hxe7d3igzXrihjDu8TLkeVj0_dwm9bGr2Zi98d_gtt6TFIdCrIUnrnE_7IIqG-NMSrZOxyOwt7rKKwFhYuA9JVsY9-G6eLkHr5rAvDeIaK-zTkCGvgAlld5gMSc1Jqf8_sRPgNV9lrlzg_4hbxajN59ylQKzZgGjQkiz02pDhm1jdsy-typnf9HoMFvkt45PJGkwYwgu8TywLRbGY47KJRiq70X_qgYjN0Y_8Kea-F3O2yuPcAmZgMUOttpJwWTmeiUhCfFAcgX3NiolplZZOfnWT8Yv93FjVLFIAKASd0x7A1vuzSLF8-J0eDwy8EC8x8T4XS4HCHrUy7_7LNhx6-U131TJUdes01ybVEP5XKv-0OAEAYAGh_Gvk6v4mKM5oAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WOuzoczbvoMD8ggbYWR4LXN1YnN5bi03MDgxODY4MTg4NjM2MTk3gAoD-gsCCAGADAHiDRMIve2hzNu-gwMV2ZaDCB2SZgN50BUBgBcBshccChoSFHB1Yi0zNjE5MDQ1ODg3MTg3MDMxGKDDHA&sigh=H9v_SL6P8Ls&uach_m=%5BUACH%5D&cid=CAQSPAAvHhf_SdySMp77eweDbDWMuNgPIG1ui7gEApe2Z6YppJUoXIo9mtnRHhozO7P8UMfPhoRY2h_9V5r4vBgB&cbvp=2&vis=1
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
log
hblg.media.net/ Frame E54A 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&__q=AYYEIwKELwQCAAABAAAAAgAAAABAAAEABgAAQIABAAgAMNAASjUyOTQyMDA4NTc5NV8yMDQzOTYxMzA3Xzk2OTQyODUzMjQ2MDFAODY5MzJlYjQ0YWM3YWRmOWVmOTQ4Y2Y5MGYwN2JmNDCYB-xRuB6F67E_Vmh0dHBzOi8vYXBwLmJpZ29ubGluZS50b3AuZW5xdWV0ZWJiYi5jb20uYnIEVVMA6AFNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMjkgU2FmYXJpLzUzNy4zNkZhcHAuYmlnb25saW5lLnRvcC5lbnF1ZXRlYmJiLmNvbS5ichI4Q1VGNDIzNUIIDDcyOHg5MAgwLjA0DmVhc3Rfc2MGQURYCAhudXJsAAAAAAAAwFVArp3bopljAjIAAAAAAADwv0BydGItYXBwbmV4dXMtN2ZjYzg2NWJmNS1ndnAydi5TQz4xNzAwMDgwODA3Njg0MDAwNzI4MDA5MDAwMDU5NTAwAhA4ZmM5YTA4YQJkAg&cbvp=2
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:51 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 12:34:51 GMT
log
qsearch-a.akamaihd.net/ Frame E54A 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=86932eb44ac7adf9ef948cf90f07bf40&bdp=0.0700&bidfp=0.0400&cc=US&cid=8CUF4235B&crid=969428532&ct=Buffalo&dc=east_sc&dn=app.bigonline.top.enquetebbb.com.br&iwb=1&ogcbdp=0.0700&other_bids=0.07&other_prv=460&pbshr=100.0000&requrl=app.bigonline.top.enquetebbb.com.br&sat=1&sc=NY&sc_pvid=460&send_erpm=false&server=6&size=728x90&strg=smm_migration_test&totalTime=1206600&ugd=4&ver=9.6.4&cliIP=0&time_stamp=2024-01-02%2012%3A34%3A51&seat=BID_API&itype=adx&req_id=YhLdXi0jLZSAsAcWY6VSbA&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.129%20Safari%2F537.36&br_ver=120.0.6099.129&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&ogerpm=0.07&ogerpm_used=false&rawbid=0.07&totalTimeBucket=1&sub_bidder=196&ogerpm_wd_bkt=0-1&visibility=2&viewability=0.87&pvid_seat=460_BID_API&ckfl=0&mnckfl=0&sd=1&bdp_wider_bucket=1&adblk=2440819915&advurl=related.investorfocus.net%2F&bdr_typ=1&clisp=rtb-appnexus-7fcc865bf5-gvp2v.SC&dmm_m22=0.0700&adtyp=0&gpid_sent=false&pst=EMS&bcrid=1700080807684000728009000059500&zone=d&rc=1&sfm_key=mowx_null&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=17&wsip=mowx-lite-78f788cb9b-48q6z&djvm=9.5.8&cbvp=2
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.179.173 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-173.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:52 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 02 Jan 2024 12:34:52 GMT
pixel
cm.g.doubleclick.net/ Frame 1058
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBlM8tFia6hXyXFpjbYYXqQ&google_cver=1&google_push=AXcoOmQYur1xld8TILitzh317u375vqx4nZRLejongvX-U5Hjt1HVVS...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=6ef36c252d7e11fa&is_secure=true&networkId=14000&version=1&google_gid=CAESEBlM8tFia6hXyXFpjbYYXqQ&google_cver=1&google_push=AXcoOmQYur1x...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFzWpyI2y83gM-dlgLAAAAAAA&expiration=1704285292&google_cver=1&is_secure=true&google_gid=CAESEBlM8tFia6hXyXFpjbYYX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFzWpyI2y83gM-dlgLAAAAAAA&expiration=1704285292&google_cver=1&is_secure=true&google_gid=CAESEBlM8tFia6hXyXFpjbYYXqQ&google_push=AXcoOmQYur1xld8TILitzh317u375vqx4nZRLejongvX-U5Hjt1HVVSewb1ZQXMTMQ9d6W07cHRx6vYNoSVNgkygVC_L8Trw-nu8
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFzWpyI2y83gM-dlgLAAAAAAA&expiration=1704285292&google_cver=1&is_secure=true&google_gid=CAESEBlM8tFia6hXyXFpjbYYXqQ&google_push=AXcoOmQYur1xld8TILitzh317u375vqx4nZRLejongvX-U5Hjt1HVVSewb1ZQXMTMQ9d6W07cHRx6vYNoSVNgkygVC_L8Trw-nu8
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 1058
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAzCPTEDzNeZNSAF5boAICI&google_push=AXcoOmQLCZKgL4KSnjvafkMAUpwt7fHNpknaGsBCt9dsW3Mp2JwS1Yr9oM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAzCPTEDzNeZNSAF5boAICI&google_push=AXcoOmQLCZKgL4KSnjvafkMAUpwt7fHNpknaGsBCt9dsW3Mp2JwS1Yr9oMMdqQQu-mcx5HsEdZSQsv_ZHfIgReIqKVoXkfQ5IHxV
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4562-YYZ
pragma
no-cache
date
Tue, 02 Jan 2024 12:34:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1704198892.914690,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEAzCPTEDzNeZNSAF5boAICI&google_push=AXcoOmQLCZKgL4KSnjvafkMAUpwt7fHNpknaGsBCt9dsW3Mp2JwS1Yr9oMMdqQQu-mcx5HsEdZSQsv_ZHfIgReIqKVoXkfQ5IHxV
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 1058
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEP0LtI1ds0odX8SRSWjZXoA&google_cver=1&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI
  • https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEP0LtI1ds0odX8SRSWjZXoA&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI&...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI&google_hm=IHzrK0kYwJ0fMeeDp6iD6A==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI&google_hm=IHzrK0kYwJ0fMeeDp6iD6A==
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmT3nPwBv1Jgqt-m7oJjuSylornUGLSYEohfobbcePbpXR28_82fwd1gErvPRQ9pPyYWmp3VLqjxUg9np5rZ07JqnYB5ncKI&google_hm=IHzrK0kYwJ0fMeeDp6iD6A==
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
pixel
cm.g.doubleclick.net/ Frame 1058
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEC0pHdztC5v4VNnlrq-Sdq0&google_cver=1&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqVz3xX-EUdxNx8d0XaGz1JQJOIx6hpOO4j5ATJAY2q_LzT
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqVz3xX-EUdxNx8d0XaGz1JQJOIx6hpOO4j5ATJAY2q_Lz...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqVz3xX-EUdxNx8d0XaGz1JQJOIx6hpOO4j5ATJAY2q_LzT
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D&google_push=AXcoOmTyFYRFJHV1A2eeGR_OmTrefS79wElwKsjPlyiNbHn4G9WkCMqVz3xX-EUdxNx8d0XaGz1JQJOIx6hpOO4j5ATJAY2q_LzT
date
Tue, 02 Jan 2024 12:34:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 1058
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBwtXY-ylvjCZ6InUXFljHE&google_cver=1&google_push=AXcoOmR-tgh8jv5fbbMUyKJPzObfujWVWSns-Oj3jjQtuNVqmTDe-jtbhpswesvdQj6ZWOw-3hS2LL...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR-tgh8jv5fbbMUyKJPzObfujWVWSns-Oj3jjQtuNVqmTDe-jtbhpswesvdQj6ZWOw-3hS2LL9Fn1Lwcfe50pDfxYXXdRhp&google_hm=NTM2NjQwNj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR-tgh8jv5fbbMUyKJPzObfujWVWSns-Oj3jjQtuNVqmTDe-jtbhpswesvdQj6ZWOw-3hS2LL9Fn1Lwcfe50pDfxYXXdRhp&google_hm=NTM2NjQwNjQyMTA2ODAzNDc4NA%3D%3D
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR-tgh8jv5fbbMUyKJPzObfujWVWSns-Oj3jjQtuNVqmTDe-jtbhpswesvdQj6ZWOw-3hS2LL9Fn1Lwcfe50pDfxYXXdRhp&google_hm=NTM2NjQwNjQyMTA2ODAzNDc4NA%3D%3D
date
Tue, 02 Jan 2024 12:34:51 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1058
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEOaU-x53hPUitGdhp392OXY&google_cver=1&google_push=AXcoOmR0I23iF9agPGH8SnylffJ24YcA-fgdZ7-CNADzzGxu8ZLxKg__6_c2Cynl30QtN3cCCQbcC67bSlHXrEI_XIAgbwosL-R-
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmR0I23iF9agPGH8SnylffJ24YcA-fgdZ7-CNADzzGxu8ZLxKg__6_c2Cynl30QtN3cCCQbcC67bSlHXrEI_XIAgbwosL-R-&google_hm=c7bc41f4280cbae7262...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmR0I23iF9agPGH8SnylffJ24YcA-fgdZ7-CNADzzGxu8ZLxKg__6_c2Cynl30QtN3cCCQbcC67bSlHXrEI_XIAgbwosL-R-&google_hm=c7bc41f4280cbae7262dd5ad772c0d97
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AXcoOmR0I23iF9agPGH8SnylffJ24YcA-fgdZ7-CNADzzGxu8ZLxKg__6_c2Cynl30QtN3cCCQbcC67bSlHXrEI_XIAgbwosL-R-&google_hm=c7bc41f4280cbae7262dd5ad772c0d97
date
Tue, 02 Jan 2024 12:34:52 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pixel
cm.g.doubleclick.net/ Frame 1058
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmS8OupPsCbtpJ-UfCDdDf52tH7Scf3UtZZ5QfhpNdx7bNAwakdRW1fDxyhvDSN-clcMPOQfDalUtDjNAhWDKKR90YgWLdTCRA&google_gid=CAESEMMWRIBJ_t5...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMWRIBJ_t5j0epILgAL33M&google_hm=T1BVMTc1ZGQ5NTBmMDk1NDUxZmFkMDVjYTcyMGI4MTBiZGM&google_nid=opera_norway_as&google_push=AXcoOmS8OupP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMWRIBJ_t5j0epILgAL33M&google_hm=T1BVMTc1ZGQ5NTBmMDk1NDUxZmFkMDVjYTcyMGI4MTBiZGM&google_nid=opera_norway_as&google_push=AXcoOmS8OupPsCbtpJ-UfCDdDf52tH7Scf3UtZZ5QfhpNdx7bNAwakdRW1fDxyhvDSN-clcMPOQfDalUtDjNAhWDKKR90YgWLdTCRA
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMMWRIBJ_t5j0epILgAL33M&google_hm=T1BVMTc1ZGQ5NTBmMDk1NDUxZmFkMDVjYTcyMGI4MTBiZGM&google_nid=opera_norway_as&google_push=AXcoOmS8OupPsCbtpJ-UfCDdDf52tH7Scf3UtZZ5QfhpNdx7bNAwakdRW1fDxyhvDSN-clcMPOQfDalUtDjNAhWDKKR90YgWLdTCRA
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
326
expires
Mon, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1058 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KHWMna9h5KGJzg0hJDIhNqv20b-8KVylUcWLYp8oORE0xP3iBoQ1ynkZJW-QQeSk_9PyULEA
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
cksync
cs.media.net/ Frame 24FC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzQ3MjAwNDkxNjYzNDkyNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAJ7jEURlczxT30ykPfx4kM&google_cver=1
57 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAJ7jEURlczxT30ykPfx4kM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:52 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:52 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEAJ7jEURlczxT30ykPfx4kM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bfp_ssn.js
pxlclnmdecom-a.akamaihd.net/javascripts/ Frame B748 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.40.179.50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-179-50.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc

Request headers

Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1800
Cache-Control
max-age=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3751
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jan 2024 12:34:52 GMT
Expires
Tue, 02 Jan 2024 12:39:52 GMT
Vary
Accept-Encoding
x-powered-by
Express
ptmdP
dts.clnmde.com/ Frame E54A 		7 B
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdP
dts.clnmde.com/ Frame E54A 		7 B
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/ptmdP
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
etag
W/"7-Jgyp3YpFd/wAt71YECmAdg"
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
7
alt-svc
clear
ptmdDual
dts6.clnmde.com/ Frame E54A 		70 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts6.clnmde.com/ptmdDual?t=%7B%22gh%22%3A%22170419889197131396635828%22%2C%22za%22%3A1%2C%22gcd%22%3A1704198891996%2C%22al%22%3A3%2C%22bcnd%22%3A1%7D
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:cba2:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
via
1.1 google
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
ptmd
dts.clnmde.com/ Frame E54A 		70 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=170419889197131396635828_N4IgtgniBcDasEYA0AGJB2ATADlUgnCgLpFIgDuAjjLKeBAE410DGDYADjSAuigCwJ82bPgQBWBAGZ04lAkyYA+mACGASwB2ShCDqqANgBcaxMgGcA9jGQgWLABYBrbtkHT0UiXrId1AExM4EBQfEAYAUwAzAFUGY24w8wYWOITghyMjDnMAUikAQVzMADFiktUODgA6ACN1AHNLTQMtCOqjSxqIzUoAVwijCNqR6pZLMDqGcrCAN3MlAKDYTT6DAzoHecXA7hR9+T5BYVEEbAl5ADYEBUvLqX58KWw+MJY+8yMd5ZBsAGEYgAVAAa11BbwYs24wAAOr93DIvOI4dBYSAjBAOBEUXC2Ds4Ug4bN1PiYHDeAIhCIxJIZHIFJgCXCtgsAjiQgcKcdqWcLghrrd7o9nnw4QBfMVhTSqGj8TD4R6XLCXfhIaT8FAvFBSfBIcRSfZubAGujS8wweVkdSqMCmOjW83QXAgT6qIwfGhSJCqqReh5IKTiAOXAPoAO4HVIeV0ABeMugtg4DRgIChZAaDhTXKpp3w6Gk0nwd0D2BwIDI8xTl2qKGq4iw5ZAhhgXpAURYMAAtLZBuos0cc2JG-Z-CmYgBlRufZPQNAulzQHgDk5iJR3UT8dDnfhSa6NiLqLiLovVfDVTCPar8cSN2YRJiLjgMSyjsgRPrx2x9PsJt+zAw0KA0pgBEKb1P4-j3jsjb+G68agOBkEMNBi78JcoQViSAT9pSK4SB49KKCAEpIEBNqgYuqgsNhZCwUY8FNtRo6LtglxPJgwz8PwVHoKo-hRPg0QKtgLACSgUQoOgtRRBqt5YcxS64TytKyPIRESnQHCVnAdDmAYnw4dyuZ7mQBhRDYZC1OkGpkO8nwob8AIgmClxyQ52Z4SphGYI2DQdgmy7Upg8i6iAlAUbYUQ-lIYpAA
Requested by
Host: 1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
URL: https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
cenw.js
dts.clnmde.com/ Frame B748 		36 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dts.clnmde.com/cenw.js
Requested by
Host: pxlclnmdecom-a.akamaihd.net
URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/bfp_ssn.js?templateId=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
1b4070317b191a46d4232177035a80b8b98ca75b92f36cb554ddc32e8ce809d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pxlclnmdecom-a.akamaihd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
via
1.1 google
etag
W/"24-5rZPpbG1i6QH/tk9+OkMow"
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
content-length
36
alt-svc
clear
a7fb4cf5-a0cb-432f-92c5-c948ca594e1c.jpg
contextual.media.net/kimg/new/140x110/2/223/132/37/ Frame 3DAB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/2/223/132/37/a7fb4cf5-a0cb-432f-92c5-c948ca594e1c.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f308c529cc867ef760b323e0d50388030f9f05f2a462870ccc124fe97ea9a976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 03 Mar 2018 23:45:11 GMT
server
nginx
etag
"5a9b3387-37b2"
content-type
image/jpeg
accept-ranges
bytes
content-length
14258
truncated
/ Frame 3DAB 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
726358b8-8709-4ed2-afed-8b2e7dfe3c1f.jpg
contextual.media.net/kimg/new/140x110/3/65/102/246/ Frame 3DAB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/kimg/new/140x110/3/65/102/246/726358b8-8709-4ed2-afed-8b2e7dfe3c1f.jpg?v=9
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f970e18ee55b33261ce4e8b24076fab6be2df6238746cfab70b8169258666fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 19 Mar 2018 19:22:55 GMT
server
nginx
etag
"5ab00e0f-2ab9"
content-type
image/jpeg
accept-ranges
bytes
content-length
10937
truncated
/ Frame 3DAB 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3DAB 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Bold.woff
contextual.media.net/__media__/fonts/OpenSans_Bold/ Frame 3DAB 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Bold/OpenSans_Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
Origin
https://contextual.media.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
25720
expires
Wed, 03 Jan 2024 12:34:52 GMT
bql.php
lg3.media.net/ Frame 3DAB 		15 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5459&&vgd_canary=0&vgd_l2type=scs_newfl&fp=8bqi_qwhp5N04fc4pXUp4Dj0IjlGyOyYxktq_U_HvtLcpDK7p8PAE09pUHZ-YH2zFi8BTCYa9xL4Q6Xew52IXWKeYJEUNgag3oFmFUO7IASFN13jZayw5n5MjVHUa_K33PhwcG1JclFrOiM9rrokgrgm_rnR1j6ili3zgb4jelw%3D&cme=f6R4ihUzCdIxJZrhEpBdR9kBgdNI_8oVj2Zbixn2I7G10YcbGJS8Vwz4ReTgdvvVfoWPXa-tKoyR8iwU4PnbPMFmLQ0oSO8kIK55-8T1w1qSYqqNyAXN8o9DIUkzOlEJDI8A6Aqy_B_KUAn57glDcrPNgiBftmFnNaNAipyDjiayM6ZHbdGSn6JCmhn2pL-5acwrzaV1SsrbAoBG7xCLwFD7d4NZMJfKVrrqULkDvTY%3D%7C%7Ca0AmFUYXmD5EU_51WtXtM5Gt2jyIgGHhOzuTrXhi5OWhJA-jgorFKw9G0A3pQbD8HjB54MzUZIo%3D%7CcPcb3VhU0BVjXgWFWEAzinttU1oq1ouO%7CEBbuCzoCAdwbwlq0xRF9utepEebucXjlE2GN2xNZmrBkC9U0GaQdPHejOEd1Xc8AtCOxQKO10p2zlh8lLgw-ZlMx2slDa32VK0MC_g69UkMxPj6tWOIrgXPk_AaZB8gtg5puJvGMcy2bsxckbWguKdAsclNCbw-T99OXfQ5cW9MhTMBHJG_gUl-75Nh89RsHNfGtGkXk7cv0pfXFJRFmvMpuygnIJTY6IYiE8W_2DrNh8iiLuvdKenhd2e5B_Mgg77tY9w3AnsVf4UBy6qKrxd4PfuurkEv7OiPT3sVI2saQyPIyYYhpOw%3D%3D%7Cu8A6SM53vAegAGxV45CeTQhqXMfGG42b%7CVZH8mW-OwxRAU9C_y1JtNKIVRXBvqVJN%7CWGV0YFlErcpuo3Pma1EBA706uXx3IZ3_s1njI9zvr5U%3D%7C&subBdr=196&bdrid=460&ksu=224&fdkt=475&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Dentist+Near+You&kwt[]=475&kbc[]=94be68621cde5d77e1c7c5a79157d06a.d2s&kwp[]=1&kid[]=329462294&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0004%7C8%3D010117%7C13%3D0.0981%7C14%3D010206%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D8421106%7Cps%3D0.914%7C1%3D1.99%7C2%3D7.67&ktd[]=275700388096&kwd[]=Personal+Loans+for+Very+Poor+Credit&kwt[]=475&kbc[]=94be68621cde5d77e1c7c5a79157d06a.d2s&kwp[]=2&kid[]=329491837&kbc2[]=eset%3D1%7Ce_st%3D37%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C19%3D0.00%7C7%3D0.0003%7C8%3D010117%7C13%3D0.1105%7C14%3D010206%7Cokt%3D475%7Cbdkt%3D475%7Cir%3D1%7Ciid%3D4860847%7Cps%3D0.914%7C1%3D1.17%7C2%3D8.44&ktd[]=4503875327758592&v=1&geo=42.37%7C-71.1&dlper=20&lper=100&lpid=&tsid=4&hint=&cc=US&wsip=170774850&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22Pb%22%2C%22QQN75%22%3A%22Rxkk1jm%22%2C%22QQ8E%22%3A%22fF9f%3AkkNW%3A999f%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22I3%22%7D&cid=8CUTX61X6&vi=1704198891513750122&vsid=3472004916634949&tdAdd[]=asnum%3D20278&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=0100&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=11&vgd_tsce=L366-S366&vgd_l3_sc=IL&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=969428532&vgd_pdtid=1&vgd_nrrv=37575&vgd_nrrmf=43001c82a&vgd_nrrsf=scrr&vgd_cty=cambridge&vgd_ifrmode=14&sttm=1704198891815&upk=1704198892.4510&hvsid=00001704198891815016112663493870&verid=3111299&sbdrId=196&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rakh=1704198891133494180&vgd_ecrid=1700080807684000728009000059500&vgd_isiolc=1&kbbq=%26asn%3D20278&vgde_ydsp=%7B%22QEx%22%3A%22%2FKTP4nXuWX%22%7D&vgd_mcf=76592&vgd_vstrid=3472004916634949&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9h~OmYMGv9.Xu~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9f9A~8xLjMGvFhH.WF~xLjM7UNv9~xLjMLf1MGv9~Q7OvfHH9WuiiuX~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGv9~L88Ex1vuuH%2CuuH~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9ufu~L1Oev9.999%2C9~xLjMGvu.HW~ejfLMxLjMGv9~QYYMBLvh.uA9u~xLjMjvu9~QjevuA.Xh~yN17vou9~GGvuiF~QYYMYxjv9.FH~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvfu%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvAHWH~LUJv9%2C9~1AEMGvf.Ai%2CHh.Hu~QOvu~x8OvfV1ZdaYX%20KpjdrEjLO~NejfLMGv9.iF~G7OvFhuiA9fWHifiHih9fFAfAXHAXuW9u9ifWHFfF9HHiiAhWfHHAHuF9AAfihiWWWfWuAfWu9WH9F9Hfi9AHWiFAuH9uWihAW9X9hWuuWH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHf~%3DVvA9hW~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HuiWWiu~G1Q8QuvuiF~UGM77vuu~ONvW~ejfLMGvf.9A~77vhh9~eBMJ-Nv9.Wh~QYYMG8Ov9.9H~e8QMQOvHh~LkMNz7vu~xLjMLEQMGvi.A~QmGdv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyv9.iF~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9uuW~e8QMxLjMjv9~OQzGvHf9~J7vff~ejfLM8MGv9.9u~e8QMGvhhu.Ff~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHh~LkevHf~jfLMGvu999~BLMGvu.9u%2C9~QYYMQOvf9fH9u9f9A~L1OEv9.999%2C9~Q8OvWHuuAhAuX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.Wh~OfEMjvu9~Nejfv9.iF~AENkviii.WX~myMYQwv9.9h~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~LEQMGvHh.Hu~xLjMQLEQMGvi.A~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9H~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9H9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfHH9WuiiuX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Wh~EmQvA~1NM75EJvu~1OGjUvfHH9WuiiuX~LJkMNz7vu~1YEvu~myG8Ov9.9h9~GkjLv9.9H9~Qx8Ov%3DK4b4%3D%2Fh25wu_OIm%2FEJ8hV5i5R4~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QmGEv~-8OvKrtoExGoAFui9HXWWhuWh9Au~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfHf&vgd_cfud=230323&vgd_scsver=307&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=728_90&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=602&vgd_ect=4g&vgde_ydata=duh%25Aru&vgd_l1cdv=1140&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=50&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A728%3Brend_h%3A90&vgd_uspa=0&vgd_sc=IL&vgd_l1rhst=contextual.media.net&hvsid=00001704198891815016112663493870&rc=0&rand=1704198892139&acid=86932eb44ac7adf9ef948cf90f07bf40&matm=1704198892139&vgd_ltimesrc=1&vgd_ltime=551&vgd_rtime=508&vgd_etm=13&vgd_l1hcsd=Otp9r%7C8731&vgda_l1btm=%5B%22SPAMPXL%22%2C%22PRLG%22%2C%22URLDC%22%5D&vgd_l1ch=1&vgd_lhl=6371&vgd_pgid=p0365459980t202401021234&vgd_csip=rtb-appnexus-7fcc865bf5-gvp2v.SC&vgd_sbSup=1&vgd_nrrs=37575&vgd_cntrdt=SF%7C1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com&vgd_eadm=1&vgd_matchstr=hr%3D0%7Cbcat%3D7%2Cgo%2Ci2%7Ccsh%3D1&vgd_end=2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?ule=2908&&kkdd=n3%7C!%7C3*Ah9HWun&22=_o&G8=9bhU9fccf9p9Hbph9RR&)B4F=h&~-41=h&2BG=99Uh&Y-2L=tHOO&28B=cw_QmO9mO&242B=CU(38tNUgTiUI8vfeWsE40%3D%3D&2F8B=cU99HbH9p&-8WL=bRcEfh&-2=yt&2NZ~=-~~d~8)F1Y8lZdYL-Y&48B=cvnAOh5HR&Y48B=Q6pUOof&NYY4-=9&FFF=7X4d.YbUig2kRB_FlacKT_alw2bFLlT5.nGaw~o10YFR-N~vhJCRoE!6o0iLFsXp&Z-L=p&PX=9&s)B=U&1BY9=cw_AURHpi&1BYR=fOfURcpHR&TB1Y1=-BR%3DZsPPr8sFPdP%3D9hrl)LF4~%3DhzhbrBl~dT%3Dhzp9r-2B%3DZDrF1L%3Dh%2ChrBl~dP%3DRhrGPRFd-B%3DRhRUh9hRhHr8sFPdT%3DObUzcOrsFPdYV2%3DhrsFPdFR1dT%3Dhr-YB%3DRUUhc9ff9prF1Y%3Dhzhhh%2Chr84%3D9f6UQv1T4wV389GwyT_pWRr.TT%3DhrF884s1%3D99U%2C99UrF2%3D9rF8-s8B%3Dh%2ChrF4-d-B%3DRhRUh9h9R9rF1BG%3Dhzhhh%2ChrsFPdT%3D9zUcrGPRFdsFPdT%3Dhr-~~dXF%3Dbz9Hh9rsFPdP%3D9hr-PG%3D9Hzpbr)21Y%3DM9hrTT%3D9fOr-~~d~sP%3DhzOUrLF4~%3DhzhbrGPRFdsFPdV2%3Dhghr4-8d2%3DR9%2CH%2Ch%2Ch%2Ch%2Ch%2Ch%2ChrT~%3D9r4-8dB%3DHUcUrFVL%3Dh%2Chr1H4dT%3DRzHf%2CUbzU9r-B%3D9rs8B%3DRy1a3n~p(q!P3e4PFBr2GPRFdT%3DhzfOrTYB%3DOb9fHhRcUfRfUfbhROHRHpUHp9ch9hfRcUOROhUUffHbcRUUHU9OhHHRfbfcccRc9HRc9hcUhOhURfhHUcfOH9Uh9cfbHchphbc99cUrs8~%3DhrFVY%3Dhzhhh%2Chrl)BR4dT%3Dhzfcr--%3DIqr22%3D_orVTdBP%3D4Yrs8X%3DM9r2L%3DhrF2G%3DURrwy%3DHhbcrVTds2%3D9rZY-%3DRrVTdsP%3D4YrVTd22V-%3Dhr2Y%3DTs..1PlrT--d*Q!%3DIq%2CIqrT1-8-R%3D9fOrTBY%3D9bhU9fccf9rT1-8-9%3D9fOrVTdYY%3D99rB2%3DcrGPRFdT%3DRzhHrYY%3DbbhrGXdLE2%3Dhzcbr-~~dT8B%3DhzhUrG8-d-B%3DUbrF.d2ZY%3D9rsFPdF4-dT%3DfzHr-lT3%3DhrB2R%3D9rGd1-Z%3DRhRbcrP1-Y%3Dr2Gl)%3DhzfOrG8-dsFPdT%3DhzpOrGPRFd8d-B%3DRhRUh9h99crG8-dsFPdP%3DhrB-ZT%3DURhrLY%3DRRrGPRFd8dT%3Dhzh9rG8-dT%3Dbb9zORrGPRFdsFPdG8%3D9gM9OrsFPdYG8%3DhrGG%3Dhr2GPRFd-B%3DUbrF.G%3DURrPRFdT%3D9hhhrXFdT%3D9zh9%2Chr-~~d-B%3DRhRUh9hRhHrF1B4%3Dhzhhh%2Chr-8B%3DcU99HbH9prsFPdF4-dV2%3DhrVTd-F2%3DVTTrGXs%3DhzcbrBR4dP%3D9hr2GPR%3DhzfOrH42.%3Dfffzcprl)d~-N%3DhzhbrB~~d-YF)%3D-~~d~8)F1Y8lZdYL-YrBR4dT%3DhzffrF4-dT%3DUbzU9rsFPd-F4-dT%3DfzHrFVX4%3Dhzhhh%2ChrFVXB%3Dhzhhh%2Chr8-kL.%3Dhr8-8.%3DhrsFPdF42dT%3DhrT8B%3DhzhUrVTd4Y%3DJl~L41)LrsFPdF4-dFG%3Dhr2TB4%3DhzhUhr-B%3D9r8YD4Ld8B%3D9br-LPPLFdY1)d8B%3DRUUhc9ff9pr-s44PDdY1)d8B%3DrBLYL2YLBdY1)d8B%3DrG8LX1T8P8YD%3Dhzcbr4l-%3DHr12dYD4L%3D9r1BTPV%3DRUUhc9ff9prFL.d2ZY%3D9r1~4%3D9rl)T8B%3DhzhbhrT.PF%3DhzhUhr-s8B%3Dwqgogw5bKDN9QBIl54L8byDfDigrBY2%3DL1-Yd-2rB~~dLF4~%3D.1P-LrB~~%3D-~~d~8)F1Y8lZdYL-YrTB4214B%3DhrB1P)%3D-~~r-lT4%3DrE8B%3DqemM4sTMHO9fhUpccb9cbhH9rNY~P%3D9r-~~d148%3DG9r8T2%3D9rZ-W%3DRrY)-%3DbRcEfh%7CfbhEfhrT-T%3DhrT-4%3DhrY~E%3DRUR&ZYG=h&~~~=1Cwcw)fUU1XKhi!D7b0ohaZfN2qtPl_itW9I-Ea7OtX%3D&8X=bRc&8Zy.F=9&TBFyB=UOh&T8B=HUfhOp&~2.=bOpfR&DB-4F=9&T1L=iELIi1((1iriELIi11I1irULL&V1Y4FL=9&21Bl~18Z=YWkMNt2PMtMJoNIURMss.BZpnmNR8whIO(BHRDUyo235nJ3dVD3lW)%3D%3D&D4P4=9&8-8B=p&1BG=yZGL-YlF%20Al2s-&--~2FdGLF=p&4)8B=4hHOpUpffchYRhRUh9hR9RHU&--PB=%7B%22--84%22%3A%22ROhR%3A..2c%3AhhhR%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%3Ahhhh%22%2C%22--22%22%3A%22_o%22%2C%22---2%22%3A%22I7%22%2C%22--2YD%22%3A%22is..1Pl%22%7D&4LF.=9&NY~P-F2=9&sflct=8828251&ure=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 12:34:52 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
content-length
15
expires
Tue, 02 Jan 2024 12:34:52 GMT
ptmd
dts.clnmde.com/ Frame E54A 		70 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=170419889197131396635828_N4IgpgHiBcIAwgDQgM4GMD2MQEYDscALDgJwAcZJOA+gGy2WF5k6EDMtOSqmAZjDmToMAF2z4ipClToMSTFu07UyAIwBMcMnlU446tCTBswAVl68wAExxpWza2ubdhI-tEE9RV7ADkAgi6YIlbuALTqyGAA1gCG2KYcRqFwYbEktKphODhgYGFkvDhWYXjknOqFcLZcUdGqAshoAG4o2MAAOiAANhhosd3UKCIYAE6xAOZgXdBdibTJvKnpmdm5+YXFpeU4lUs1XYhdKGAoKACWGAB2QyPjUzNzSdZLaRlZOXkFRSVlZBVVA5ILqYDDRc5gahWWIiWKPEDzRbLd5rL6bX47PbVOxdAC+LlhIgArm1oABtdRsRCaAC6yAAXvEPMgAA4TbDNbgTAAW4gIxHIlFIeBwbFFGVobFMZEq3Fa2FoADo4IrTHh1NwBjAqSBeGgYNkoiJznzJIKqNw0GgfLAAKoAZQJ7OgcCE0VNAukNHojGYrA4tXA5xZ2AyipIivUhAjhFMcrAo2wLNGGB8USJTM8RJNzPAzW6MDJoCusQAtmBsKpzlYrAnqNXuNDYTBQFWa3WG7BCLQEMhmud6zbcPypELTKK8KZquoNbjcYhi2WK7BYmgG8gm0zQKvOyB-iQ2OowKpCIRV3hYqEjLx5GQ0De4EsdLxCL2QP3Bx7R1Rx2xJ9PZ1xOkQBZeVyWAlBumGL9zVIThuG6dxPFUboxGgV8mhJERP1gMgAGFbQAFQADU4Ui5QHXcJE9McJynXYNSiWIQ3JEAwwjKMYzjYDeDZNCETIbhRmsGBXRACZ9Q8EdzUpaVkAAR2XTxeBzQhWRY0xpVxIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:52 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
log
lg3.media.net/ Frame E54A 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/log?logid=kfk&evtid=perf&cid=8CUTX61X6&vi=1704198891513750122&hvsid=00001704198891815016112663493870&cdv=1140&bid=349065&l2s_dnsTime=0&l2s_connectionTime=0&l2s_waitTime=286&l2s_downloadTime=10&l2s_total=297&l2s_start=228&l2s_sslTime=0&l2s_trfSize=30.4&l2s_decSize=73.4&l2s_encSize=30.1&l2s_nhp=h2&l2s_host=contextual.media.net&bql_dnsTime=0&bql_connectionTime=0&bql_waitTime=75&bql_downloadTime=0&bql_total=76&bql_start=363&bql_sslTime=0&bql_trfSize=0.3&bql_decSize=0.0&bql_encSize=0.0&bql_nhp=h2&bql_host=lg3.media.net&l1s_dnsTime=0&l1s_connectionTime=56&l1s_waitTime=124&l1s_downloadTime=31&l1s_total=155&l1s_start=40&l1s_sslTime=30&l1s_trfSize=38.6&l1s_decSize=101.5&l1s_encSize=38.3&l1s_nhp=h2&l1s_host=contextual.media.net&font_dnsTime=0&font_connectionTime=0&font_waitTime=42&font_downloadTime=8&font_total=50&font_start=309&font_sslTime=0&font_trfSize=25.4&font_decSize=25.1&font_encSize=25.1&font_nhp=h2&font_host=contextual.media.net&kimg_dnsTime=0&kimg_connectionTime=0&kimg_waitTime=35&kimg_downloadTime=4&kimg_total=40&kimg_start=307&kimg_sslTime=0&kimg_trfSize=14.2&kimg_decSize=13.9&kimg_encSize=13.9&kimg_nhp=h2&kimg_host=contextual.media.net&gdpr=0&mspa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:53 GMT
strict-transport-security
max-age=21600
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 12:34:53 GMT
universal.min.js
tag.navdmp.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/universal.min.js
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/dfp/49fd207b-10c8-4894-9b57-08d90e6f6fd7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 05 Apr 2023 20:59:24 GMT
server
cloudflare
age
2561
etag
W/"642de12c-36d1"
vary
Accept-Encoding
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83f309f09aba6aee-BUF
expires
Tue, 02 Jan 2024 12:05:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E54A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAxE859QyPQw_LECyeGd0vWjdbP3Y5Cg3q6VpQ0yiPNHx863VMzJi9TFA8Ju0JW_CfgrOzIFXxvxmZW4y41SGUfF3GKnMu1R3pNRNef1BKKhUHbpKTKAOe&sig=Cg0ArKJSzHZ62F00L-x7EAE&id=lidar2&mcvt=1000&p=1245,436,1339,1164&mtos=0,883,1000,1067,1183&tos=0,883,117,67,116&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.79&if=1&vu=1&app=0&itpl=20&adk=2440819915&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704198891605&rpt=275&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bqi.php
lg3.media.net/ Frame E54A 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2797&lf=3&&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=969428532&vgd_tsce=L366&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_bid=349065&vgd_cdv=1140&vgd_cage=11&vgd_rensize=728_90&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.9h~OmYMGv9.Xu~QNOvz5~L1Jv9%2C9~OmYMjvf9~ejfLMQOvf9fH9u9f9A~8xLjMGvFhH.WF~xLjM7UNv9~xLjMLf1MGv9~Q7OvfHH9WuiiuX~L17v9.999%2C9~8Evui6H_01GE%3DUd8ue%3DVGPXlf~kGGv9~L88Ex1vuuH%2CuuH~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fH9u9ufu~L1Oev9.999%2C9~xLjMGvu.HW~ejfLMxLjMGv9~QYYMBLvh.uA9u~xLjMjvu9~QjevuA.Xh~yN17vou9~GGvuiF~QYYMYxjv9.FH~JLEYv9.9h~ejfLMxLjMUNv949~EQ8MNvfu%2CA%2C9%2C9%2C9%2C9%2C9%2C9~GYvu~EQ8MOvAHWH~LUJv9%2C9~1AEMGvf.Ai%2CHh.Hu~QOvu~x8OvfV1ZdaYX%20KpjdrEjLO~NejfLMGv9.iF~G7OvFhuiA9fWHifiHih9fFAfAXHAXuW9u9ifWHFfF9HHiiAhWfHHAHuF9AAfihiWWWfWuAfWu9WH9F9Hfi9AHWiFAuH9uWihAW9X9hWuuWH~x8Yv9~LU7v9.999%2C9~myOfEMGv9.iW~QQvIK~NNvPb~UGMOjvE7~x8Bvou~NJv9~LNevHf~%3DVvA9hW~UGMxNvu~z7Qvf~UGMxjvE7~UGMNNUQv9~N7vGxkk1jm~GQQMC_pvIK%2CIK~G1Q8QfvuiF~GO7vuh9HuiWWiu~G1Q8QuvuiF~UGM77vuu~ONvW~ejfLMGvf.9A~77vhh9~eBMJ-Nv9.Wh~QYYMG8Ov9.9H~e8QMQOvHh~LkMNz7vu~xLjMLEQMGvi.A~QmGdv9~ONfvu~eM1Qzvf9fhW~j1Q7v~Nemyv9.iF~e8QMxLjMGv9.XF~ejfLM8MQOvf9fH9u9uuW~e8QMxLjMjv9~OQzGvHf9~J7vff~ejfLM8MGv9.9u~e8QMGvhhu.Ff~ejfLMxLjMe8vu4ouF~xLjM7e8v9~eev9~NejfLMQOvHh~LkevHf~jfLMGvu999~BLMGvu.9u%2C9~QYYMQOvf9fH9u9f9A~L1OEv9.999%2C9~Q8OvWHuuAhAuX~xLjMLEQMUNv9~UGMQLNvUGG~eBxv9.Wh~OfEMjvu9~Nejfv9.iF~AENkviii.WX~myMYQwv9.9h~OYYMQ7LyvQYYMY8yL178mzM7JQ7~OfEMGv9.ii~LEQMGvHh.Hu~xLjMQLEQMGvi.A~LUBEv9.999%2C9~LUBOv9.999%2C9~8QDJkv9~8Q8kv9~xLjMLENMGv9~G8Ov9.9H~UGME7vqmYJE1yJ~xLjMLEQMLev9~NGOEv9.9H9~QOvu~875EJM8Ovuh~QJjjJLM71yM8OvfHH9WuiiuX~QxEEj5M71yM8Ov~OJ7JN7JOM71yM8Ov~e8JB1G8j875v9.Wh~EmQvA~1NM75EJvu~1OGjUvfHH9WuiiuX~LJkMNz7vu~1YEvu~myG8Ov9.9h9~GkjLv9.9H9~Qx8Ov%3DK4b4%3D%2Fh25wu_OIm%2FEJ8hV5i5R4~O7NvJ1Q7MQN~OYYMJLEYvk1jQJ~OYYvQYYMY8yL178mzM7JQ7~GOEN1EOv9~O1jyvQYY~QmGEv~-8OvKrtoExGoAFui9HXWWhuWh9Au~w7Yjvu~QYYM1E8veu~8GNvu~zQlvf~7yQvhfW-i9%7Cih9-i9~GQGv9~GQEv9~7Y-vfHf&vgd_lbt=50&vgda_l1btm=%5B%22SPAMPXL%22%2C%22PRLG%22%2C%22URLDC%22%5D&gdpr=0&mspa=0&prid=8PRVCXX19&cid=8CUTX61X6&crid=841137315&rrr=Ywp_ft74BEcR2dUroG8ZbUGoCc7reobVfOvGCmSaQtr2shmP0HM2SxWJSQBeruw5&requrl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&vi=1704198891513750122&ugd=4&cc=US&sc=IL&bdrid=460&subBdr=196&startTime=1704198891809&l1ch=1&l1hcsd=l1!Otp9r|8731&mmm=aMC8Cg944awZ0BWyY7QS0Gn9hcALloUBLz1NsxGY6Lw=&buid=349065&sttm=1704198891815&upk=1704198892.4510&hvsid=00001704198891815016112663493870&acid=86932eb44ac7adf9ef948cf90f07bf40&verid=3111299&infr=1&twna=1&dma=602&stime=1704198891645&tsrc=entity&tdAdd[]=%7C%40%7Cfsap%3D1%7C%40%7Clsat%3D3&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1704198891133494180&vgd_sc=IL&vgd_ecrid=1700080807684000728009000059500&vgd_uspa=0&vgd_isiolc=1&vgd_pgid=p0365459980t202401021234&vgd_pgids=1&vgd_end=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Tue, 02 Jan 2024 12:34:53 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Tue, 02 Jan 2024 12:34:53 GMT
log
hblg.media.net/ Frame E54A 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfke&evtid=adpvlog&__q=AfIFMgCAjAQAAACAAAAAgAEAAAAIAAAEAAEAAAAAAgEEAAAAAAAAIAAAAAAAAAxQwAQAQDg2OTMyZWI0NGFjN2FkZjllZjk0OGNmOTBmMDdiZjQw6LjCnAeYBwRVU0ZhcHAuYmlnb25saW5lLnRvcC5lbnF1ZXRlYmJiLmNvbS5ichI4Q1VGNDIzNUIADDcyOHg5MA5lYXN0X3NjBDIzBkFEWBI4UFIxMTNKR0MOQklEX0FQSQAAAjBAcnRiLWFwcG5leHVzLTdmY2M4NjViZjUtZ3ZwMnYuU0M-MTcwMDA4MDgwNzY4NDAwMDcyODAwOTAwMDA1OTUwMAIwACIAEEVYQ0hBTkdFAgJk&evttyp=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:53 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 02 Jan 2024 12:34:53 GMT
46575
tag.navdmp.com/u/ 		497 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.navdmp.com/u/46575
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 06 Apr 2023 18:41:30 GMT
server
cloudflare
etag
W/"642f125a-1f1"
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=3600
cf-ray
83f309f0dadf6aee-BUF
expires
Tue, 02 Jan 2024 13:34:54 GMT
usr
usr.navdmp.com/ 		359 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usr.navdmp.com/usr?v=7&acc=46575&u=1&new=1&wst=0&wct=1&wla=1
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
eb6c067b2cc0a2df996e078d9d39e426388e2ec72605119b801f9fbd6ad3deac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
public
date
Tue, 02 Jan 2024 12:34:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
p3p
CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
max-age=3600
act
f0
cf-ray
83f309f1cb386aee-BUF
expires
Tue, 02 Jan 2024 13:34:54 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&domain=app.bigonline.top.enquetebbb.com.br&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=GHqbQXxkTmx3VC9CN3Vnd1hHU3NvSXVaWitlNi9IR2J2M3F1U0RlTk85eFgyNmQ0ZmNaUlV3TExENm93UHpYVzJoVFdoMkRMWjRRSEhWTUU0ZDg3TUtnTDg1cU9BeW4vVjJlcXJxeG5vaHA4bTNub0x6VzMraSt5cGYzTU...
458 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GHqbQXxkTmx3VC9CN3Vnd1hHU3NvSXVaWitlNi9IR2J2M3F1U0RlTk85eFgyNmQ0ZmNaUlV3TExENm93UHpYVzJoVFdoMkRMWjRRSEhWTUU0ZDg3TUtnTDg1cU9BeW4vVjJlcXJxeG5vaHA4bTNub0x6VzMraSt5cGYzTUE1MzN6ckxRMWhJS29ETUt6Wk1kOXBNY3FuQ21SS1pRa2lId25ySkYvMkRnYUQySXFhemFsOGgvdW4rUUFqV0ZEVS9QeEhIZkdOTkxRVDZQSjhNMk1STWZoZ3JmdGRZMTYzazloNHpTU0hpc1R0aGJiekd6Y0oxc25SRDBwamM0VFI5cWhodmdvNjBSeVM4MmlLTGU4OXBaVmNiYjBoNTNtTDV3QWdSemxrK1FYQU1xdkVreDR2aU4vLytkcmU1aWpIbklxUTNLUHw&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
30df5fb89cc696d1d7d3af81f2afcd4c5e0dcc01141dd83a09a74c0ea9fb0b6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1495458
expires
0

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:53 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
location
https://mug.criteo.com/sid?cpp=GHqbQXxkTmx3VC9CN3Vnd1hHU3NvSXVaWitlNi9IR2J2M3F1U0RlTk85eFgyNmQ0ZmNaUlV3TExENm93UHpYVzJoVFdoMkRMWjRRSEhWTUU0ZDg3TUtnTDg1cU9BeW4vVjJlcXJxeG5vaHA4bTNub0x6VzMraSt5cGYzTUE1MzN6ckxRMWhJS29ETUt6Wk1kOXBNY3FuQ21SS1pRa2lId25ySkYvMkRnYUQySXFhemFsOGgvdW4rUUFqV0ZEVS9QeEhIZkdOTkxRVDZQSjhNMk1STWZoZ3JmdGRZMTYzazloNHpTU0hpc1R0aGJiekd6Y0oxc25SRDBwamM0VFI5cWhodmdvNjBSeVM4MmlLTGU4OXBaVmNiYjBoNTNtTDV3QWdSemxrK1FYQU1xdkVreDR2aU4vLytkcmU1aWpIbklxUTNLUHw&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
301637
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&domain=app.bigonline.top.enquetebbb.com.br&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://app.bigonline.top.enquetebbb.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://app.bigonline.top.enquetebbb.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
230391
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame F79B 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13c0e5cc61a713f6a517a6b34bbf4f85c65784517ed574c23ad0a98aedae14b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11792
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Thu, 04 Jan 2024 12:34:54 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame FC5D 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jan 2024 12:34:54 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 19BD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e16cf64e732ddd210302c5591723d4622645fe85c04550b8fe3e700c21645cc4

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1343
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame 22D8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tags.premiumads.com.br
URL: https://tags.premiumads.com.br/scripts/pbjs-min.js?v=20230601
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://app.bigonline.top.enquetebbb.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
25377
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 02 Jan 2024 12:34:54 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 17 Dec 2023 05:31:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
309, 23728
X-Served-By
cache-lga13626-LGA, cache-yyz4537-YYZ
X-Timer
S1704198894.427517,VS0,VE0
xuid
eb2.3lift.com/ Frame 19BD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=af38e5ef-962e-4c54-b33b-218628dd34a2&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=af38e5ef-962e-4c54-b33b-218628dd34a2&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=af38e5ef-962e-4c54-b33b-218628dd34a2&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 19BD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 19BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqyhmrBbhLwd9hBBIDLODo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqyhmrBbhLwd9hBBIDLODo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPqyhmrBbhLwd9hBBIDLODo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 19BD
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTI5Njk2NjA2MTIxMzE0OTA4MjMyNQ%3D%3D
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 19BD 		0
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1296966061213149082325&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 13D5DCA213D34511BCDA705CAC9D639F Ref B: NYCEDGE1408 Ref C: 2024-01-02T12:34:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9bm8Vky6WyK7xfQk6Q==
xuid
eb2.3lift.com/ Frame 19BD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1296966061213149082325?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-enMA1yFE2oRZBC_atRr4_O.V97Hs_HPmwFzyfUuc5w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-enMA1yFE2oRZBC_atRr4_O.V97Hs_HPmwFzyfUuc5w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-enMA1yFE2oRZBC_atRr4_O.V97Hs_HPmwFzyfUuc5w--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 19BD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1296966061213149082325&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=1296966061213149082325&gdpr=0&gdpr_consent=${GDPR_CONSENT}
  • https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=triplelift&bds_param=7af3ea63-67de-4d28-9d0b-84f04b46ba31
  • https://x.bidswitch.net/sync?dsp_id=340&user_id=8cf98ac7-532f-42cc-9d0b-41b684dd12eb&expires=10&ssp=triplelift&bsw_param=7af3ea63-67de-4d28-9d0b-84f04b46ba31
  • https://eb2.3lift.com/xuid?mid=2409&xuid=618de491-0017-44ae-b586-d6dd76374709&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=618de491-0017-44ae-b586-d6dd76374709&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=618de491-0017-44ae-b586-d6dd76374709&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 02 Jan 2024 12:34:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 19BD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=f92ff2af-c4f3-4d29-8c69-788240200bd6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=f92ff2af-c4f3-4d29-8c69-788240200bd6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=f92ff2af-c4f3-4d29-8c69-788240200bd6&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1064936
content-length
0
expires
Tue, 02 Jan 2024 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 19BD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=9206689877130227959&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=9206689877130227959&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
an-x-request-uuid
8815ec62-68e8-4c0c-82e2-ae46598bd331
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=9206689877130227959&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 19BD 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1296966061213149082325
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
an-x-request-uuid
dc7edd28-6441-4bdd-b16c-a7d7ab74e120
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
gum.criteo.com/ Frame F79B 		88 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
31b5ac7ccffe14c8302556cb10cc23127b6e2a74f8947a8c65b4417bde2d1983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
912729
expires
60
usync.html
eus.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Jan 2024 12:34:54 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 02 Jan 2024 12:34:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame C7AC
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Drkt%26refUrl%3D%26vid%3D419889444934720049166349490...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=rkt&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=1600704161744483559
231 B
654 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=rkt&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=1600704161744483559
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
231
content-type
text/html;charset=UTF-8
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 02 Jan 2024 12:34:54 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=rkt&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=1600704161744483559
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E27 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.57.13 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=134234
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Thu, 04 Jan 2024 01:52:08 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame F79B
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=son&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=son&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=0999f6f6-71e8-47bb-8d87-5de7d9f0535c
57 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=son&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=0999f6f6-71e8-47bb-8d87-5de7d9f0535c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-38
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=son&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=0999f6f6-71e8-47bb-8d87-5de7d9f0535c
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.html
contextual.media.net/ Frame F79B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3472004916634949...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D34720049166...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=opx&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=444ff40e-fa15-02d1-1485-a2427f771eda
231 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=opx&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=444ff40e-fa15-02d1-1485-a2427f771eda
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
231
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

date
Tue, 02 Jan 2024 12:34:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3472004916634949000V10&type=opx&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=444ff40e-fa15-02d1-1485-a2427f771eda
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame F79B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dr1%26refUrl%3D%26vid%3D41988944493472004916...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dr1%26refUrl%3D%26vid%3D41988944493472...
  • https://ad.turn.com/r/cs?pid=45&rndcb=3686212573
  • https://sync.1rx.io/usersync/turn/4552696001463320161?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-13408c71-979d-4506-9ca8-9f7d48bced75-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=r1&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005
57 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=r1&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=r1&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005
date
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX13408c71979d45069ca89f7d48bced75005
content-type
text/html
cksync.php
contextual.media.net/ Frame F79B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Ddxu%26refUrl%3D%26vid%3D41988944493472004916634...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Ddxu%26refUrl%3D%26vid%3D41988944493472004...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=dxu&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=EZLUh37U1RkDYW5
57 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=dxu&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=EZLUh37U1RkDYW5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:53 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f09d969c4ca0aff7@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=dxu&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=EZLUh37U1RkDYW5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F79B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsi...
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f92ff2af-c4f3-4d29-8c69-788240200bd6&gdpr=0&gdpr_consent=&us_privacy=
57 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f92ff2af-c4f3-4d29-8c69-788240200bd6&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:53 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=f92ff2af-c4f3-4d29-8c69-788240200bd6&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6059380
content-length
0
expires
Tue, 02 Jan 2024 00:00:00 GMT
cksync.php
contextual.media.net/ Frame F79B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=618de491-0017-44ae-b586-d6dd76374709&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=Q7HEbcmV3HYhtOdJJ05b0
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=
57 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 02 Jan 2024 12:34:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame F79B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__
  • https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=SPy5dD86EshfZHztDSOp
57 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=SPy5dD86EshfZHztDSOp
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:54 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=SPy5dD86EshfZHztDSOp
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
111
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame F79B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3472004916634949000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3472004916634949000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=b1773a14-06a8-468a-b46a-396139fa559a&cs=1
57 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=b1773a14-06a8-468a-b46a-396139fa559a&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=b1773a14-06a8-468a-b46a-396139fa559a&cs=1
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame F79B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=af38e5ef-962e-4c54-b33b-218628dd34a2
57 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=af38e5ef-962e-4c54-b33b-218628dd34a2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:54 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=af38e5ef-962e-4c54-b33b-218628dd34a2
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Kestrel
content-length
199
async_usersync
ib.adnxs.com/ Frame 22D8 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
an-x-request-uuid
97a4a214-8ea8-4eab-adea-229a53864349
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
log
c21lg-d.media.net/ Frame F79B 		35 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=M1X8bPGYSGZu8eFUTxi3MonQBMJ_YksP&cs=15&vsid=3472004916634949000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.199.48.23 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-48-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 02 Jan 2024 12:34:54 GMT
content-length
35
content-type
image/gif
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=GHqbQXxkTmx3VC9CN3Vnd1hHU3NvSXVaWitlNi9IR2J2M3F1U0RlTk85eFgyNmQ0ZmNaUlV3TExENm93UHpYVzJoVFdoMkRMWjRRSEhWTUU0ZDg3TUtnTDg1cU9BeW4vVjJlcXJxeG5vaHA4bTNub0x6VzMraSt5cGYzTUE1MzN6ckxRMWhJS29ETUt6Wk1kOXBNY3FuQ21SS1pRa2lId25ySkYvMkRnYUQySXFhemFsOGgvdW4rUUFqV0ZEVS9QeEhIZkdOTkxRVDZQSjhNMk1STWZoZ3JmdGRZMTYzazloNHpTU0hpc1R0aGJiekd6Y0oxc25SRDBwamM0VFI5cWhodmdvNjBSeVM4MmlLTGU4OXBaVmNiYjBoNTNtTDV3QWdSemxrK1FYQU1xdkVreDR2aU4vLytkcmU1aWpIbklxUTNLUHw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 02 Jan 2024 12:34:53 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
373036
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
req
cdn.navdmp.com/ 		6 B
77 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.navdmp.com/req?v=7&id=13e91a9f1d3a0d2ca0b908c24410%7C0&acc=46575&tit=Enquete%2520BBB%2520-%2520Votar%2520BBB%252023&url=https%253A%2F%2Fapp.bigonline.top.enquetebbb.com.br%2F&upd=1&new=1&h1=A%2520Fazenda%252015%253A%2520Qual%2520foi%2520seu%2520pe%25E3o%2520favorito%253F
Requested by
Host: tag.navdmp.com
URL: https://tag.navdmp.com/universal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:bf3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83f309f2cc216aee-BUF
content-length
6
content-type
application/x-javascript
sync
sync2.navdmp.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=85515214621
  • https://sync2.navdmp.com/sync?prtid=2&id=85515214621&google_gid=CAESEBBcFkijltzDL10FSuDM09g&google_cver=1
6 B
57 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync2.navdmp.com/sync?prtid=2&id=85515214621&google_gid=CAESEBBcFkijltzDL10FSuDM09g&google_cver=1
Protocol
H2
Server
2606:4700::6810:bf3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
83f309f30c396aee-BUF
content-length
6
content-type
application/javascript

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync2.navdmp.com/sync?prtid=2&id=85515214621&google_gid=CAESEBBcFkijltzDL10FSuDM09g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync.navdmp.com/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
  • https://sync.navdmp.com/sync?img=1&mdia=49e16594-02ee-4900-bff3-e5b9a3a264b7
43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.navdmp.com/sync?img=1&mdia=49e16594-02ee-4900-bff3-e5b9a3a264b7
Protocol
H2
Server
2606:4700::6810:bf3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
cloudflare
cf-ray
83f309f37c5b6aee-BUF
content-length
43
content-type
image/gif

Redirect headers

Date
Tue, 02 Jan 2024 12:34:54 GMT
Server
MT3 1237 600843f master iad iad-pixel-x23 config_version:"2793"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://sync.navdmp.com/sync?img=1&mdia=49e16594-02ee-4900-bff3-e5b9a3a264b7
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Tue, 02 Jan 2024 12:34:53 GMT
cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
  • https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
0
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Protocol
H2
Server
3.225.218.10 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.bigonline.top.enquetebbb.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.94
content-length
344
content-language
en
usync.js
eus.rubiconproject.com/ Frame FC5D 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2a28c42fa0b2b8d6ef406cc533e6067f53b4286dcfe977a5a0d897aed19a24de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 12:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jan 2024 09:44:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76146
Connection
keep-alive
Content-Length
13174
Expires
Wed, 03 Jan 2024 09:44:00 GMT
khaos.json
token.rubiconproject.com/ Frame FC5D 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 2E27 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78221266&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
eebbb84e1a8cc69064eff36ef286f57c7df7a2708b59e264981bf83d30516f86

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame AB7D 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.170.102 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2a28c42fa0b2b8d6ef406cc533e6067f53b4286dcfe977a5a0d897aed19a24de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 12:34:54 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jan 2024 09:44:07 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76146
Connection
keep-alive
Content-Length
13174
Expires
Wed, 03 Jan 2024 09:44:00 GMT
khaos.json
token.rubiconproject.com/ Frame AB7D 		7 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
dcm
s.amazon-adsystem.com/ Frame CB1D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 02 Jan 2024 12:34:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3YK3QS38VDKR8PM834M3

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 12:34:54 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
E1Q0DJVTQ1E4JJ4J5FKQ
141
match.deepintent.com/usersync/ Frame D8A0 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 02 Jan 2024 12:34:53 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
image2.pubmatic.com/AdServer/ Frame 9F25
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFaTNFN0xLQVlBQUJPMFkxLXZTUQ&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Csas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?uid=AAEi3E7LKAYAABO0Y1-vSQ&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Cpm%26bee_sync_cu...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAEi3E7LKAYAABO0Y1-vSQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=5366406421068034784&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAEi3E7LKAYAABO0Y1-vSQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5366406421068034784%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5366406421068034784&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAEi3E7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEi3E7LKAYAABO0Y1-vSQ&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEi3E7LKAYAABO0Y1-vSQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:06:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 12:34:55 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEi3E7LKAYAABO0Y1-vSQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 5FBD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9206689877130227959&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9206689877130227959&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 01:53:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
8ac6fabe-29e3-4f25-b17b-281bd5bb2c40
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9206689877130227959&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame AA05 		85 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4562-YYZ
x-timer
S1704198895.702010,VS0,VE41
Pug
simage2.pubmatic.com/AdServer/ Frame 0DB6
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5510a11c-a96b-11ee-acd8-c5cd5cccdf0b
42 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5510a11c-a96b-11ee-acd8-c5cd5cccdf0b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 01:35:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 02 Jan 2024 12:34:54 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=5510a11c-a96b-11ee-acd8-c5cd5cccdf0b
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-8
server
Cowboy
Pug
image2.pubmatic.com/AdServer/ Frame B5EE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8jQhQvQzfU_pNnkXomI1E6I2LhfpNCsUoTFnDt-r
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8jQhQvQzfU_pNnkXomI1E6I2LhfpNCsUoTFnDt-r
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=8jQhQvQzfU_pNnkXomI1E6I2LhfpNCsUoTFnDt-r
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame F622
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=618de491-0017-44ae-b586-d6dd76374709
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=8a0735ab52839512c19c5aa6c9c7c525&expires=30&ssp=pubmatic&bsw_param=618de491-0017-44ae-b586-d6dd76374709
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 01:53:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 12:34:54 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=618de491-0017-44ae-b586-d6dd76374709&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 484F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HLiTh2iyUpl_l7NZChyoE2AJ-S0&gdpr=0&gdpr_consent=
42 B
377 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HLiTh2iyUpl_l7NZChyoE2AJ-S0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 02 Jan 2024 12:34:54 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HLiTh2iyUpl_l7NZChyoE2AJ-S0&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame EA0F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EZLUh37U1RkDYW5&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EZLUh37U1RkDYW5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 01:35:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 02 Jan 2024 12:34:54 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EZLUh37U1RkDYW5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-03e8869aed321456e@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 5D91
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1600704161744483559
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1600704161744483559
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 02 Jan 2024 12:34:54 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1600704161744483559
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame B1C8
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=43f46dcd-38cc-4113-acb4-64ec0faec9ef&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C0601E02-970D-4920-82C3-AA8D8C480787
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C0601E02-970D-4920-82C3-AA8D8C480787
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.179.229 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 02 Jan 2024 12:34:54 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Tue, 02 Jan 2024 12:34:53 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C0601E02-970D-4920-82C3-AA8D8C480787
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
i.match
a.tribalfusion.com/ Frame 3DDB 		43 B
490 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
83f309f41a454bc1-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame B05C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:05:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Tue, 02 Jan 2024 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1204164
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame D163
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU175dd950f095451fad05ca720b810bdc
42 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU175dd950f095451fad05ca720b810bdc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 01:53:23 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU175dd950f095451fad05ca720b810bdc
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 5FAC
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871892442096
42 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871892442096
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:03:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=871892442096
Pug
simage2.pubmatic.com/AdServer/ Frame 71E8
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 12:34:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 02 Jan 2024 12:34:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cksync.php
contextual.media.net/ Frame B409 		57 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3472004916634949000V10&type=pba&refUrl=&vid=41988944493472004916634949000V10&axid_e=&ovsid=C0601E02-970D-4920-82C3-AA8D8C480787
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
57
content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
expires
Tue, 02 Jan 2024 12:34:54 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2E27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wGAeApcNSSCCw6qNjEgHhw%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
23.51.57.13 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=134234
accept-ranges
bytes
content-length
5622
expires
Thu, 04 Jan 2024 01:52:08 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 2E27
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C0601E02-970D-4920-82C3-AA8D8C480787
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C0601E02-970D-4920-82C3-AA8D8C480787
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d3df6546-ef2d-43dc-b804-20c211c5a134%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af38e5ef-962e-4c54-b33b-218628dd34a2&ttd_puid=d3df6546-ef2d-43dc-b804-20c211c5a134%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af38e5ef-962e-4c54-b33b-218628dd34a2&ttd_puid=d3df6546-ef2d-43dc-b804-20c211c5a134%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=af38e5ef-962e-4c54-b33b-218628dd34a2&ttd_puid=d3df6546-ef2d-43dc-b804-20c211c5a134%2C%2C
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 2E27 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C0601E02-970D-4920-82C3-AA8D8C480787&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 2E27 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=C0601E02-970D-4920-82C3-AA8D8C480787&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzA2MDFFMDItOTcwRC00OTIwLTgyQzMtQUE4RDhDNDgwNzg3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:06:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAEMl33ySKEPRqrB3Vvj8DA&google_cver=1
42 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAEMl33ySKEPRqrB3Vvj8DA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAEMl33ySKEPRqrB3Vvj8DA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9D8A318B020A4D588B4CC29AC1211ACB
42 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9D8A318B020A4D588B4CC29AC1211ACB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9D8A318B020A4D588B4CC29AC1211ACB
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 01 Jan 2024 12:34:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=
42 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:05:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Kestrel
content-length
355
C0601E02-970D-4920-82C3-AA8D8C480787
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2E27 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C0601E02-970D-4920-82C3-AA8D8C480787?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C0601E02-970D-4920-82C3-AA8D8C480787&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-huxRaL9E2uXaUbS02EfcRO5jaDlPPnU-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-huxRaL9E2uXaUbS02EfcRO5jaDlPPnU-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
162.248.18.34 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-huxRaL9E2uXaUbS02EfcRO5jaDlPPnU-~A&gdpr=0
date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3b668e52-a230-4448-b403-896f63457504&gdpr=0&gdpr_consent=
1 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3b668e52-a230-4448-b403-896f63457504&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=3b668e52-a230-4448-b403-896f63457504&gdpr=0&gdpr_consent=
Date
Tue, 02 Jan 2024 12:34:54 GMT
Connection
keep-alive
X-CI-RTID
5777e1c9-cbf1-451b-81b4-9bd09b8af3da
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=44c634b3d6a610ff&is_secure=true&networkId=17100&version=1&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFzWpyI2y9KQNKvVHvAAAAAAA&expiration=1704285294&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&...
42 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFzWpyI2y9KQNKvVHvAAAAAAA&expiration=1704285294&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:06:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFzWpyI2y9KQNKvVHvAAAAAAA&expiration=1704285294&nuid=C0601E02-970D-4920-82C3-AA8D8C480787&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sn.ashx
pmp.mxptint.net/ Frame 2E27
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10EA86277_176F8DB3&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Server
38.68.201.140 Ashburn, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-387203694; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:54 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-387203694; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 2E27 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.16.170 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8011460515283861089&gdpr=0&gdpr_consent=&us_privacy=
1 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8011460515283861089&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 02 Jan 2024 02:06:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8011460515283861089&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f785e243-effd-4840-b131-239d9e1a979e-659402ee-5553&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f785e243-effd-4840-b131-239d9e1a979e-659402ee-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 02:06:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=f785e243-effd-4840-b131-239d9e1a979e-659402ee-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 2E27
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8447736855382576817
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8447736855382576817
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3472004916634949000V10%26type%3Dpba%26refUrl%3D%26vid%3D41988944493472004916634949000V10%26axid_e%3D%26ovsid%3DPM_UID
Protocol
H2
Server
8.28.7.83 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 02 Jan 2024 01:53:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8447736855382576817
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cksync.php
contextual.media.net/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LQWC0MKO-1M-GO5E
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWC0MKO-1M-GO5E
57 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWC0MKO-1M-GO5E
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-168-66.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 12:34:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:55 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LQWC0MKO-1M-GO5E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
pixel
cm.g.doubleclick.net/ Frame FC5D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFFXQzBNS08tMU0tR081RQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMTJuohpAmyyGK9JPa6J8QA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXQzBNS08tMU0tR081RQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXQzBNS08tMU0tR081RQ==&google_push=
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFFXQzBNS08tMU0tR081RQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame FC5D 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.200 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V90627ZTTC7E8V0B9HD5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame FC5D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWC0MKO-1M-GO5E
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWC0MKO-1M-GO5E
Protocol
H2
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 676CFE6076A4460DB7F17AAD0D0FD2C6 Ref B: NYCEDGE1408 Ref C: 2024-01-02T12:34:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYN9bnCKPYv+Hoz5cz7gg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LQWC0MKO-1M-GO5E
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
44e748b6247b033344ab4f6b8c0f8cbb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame FC5D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WAJNDFX9SWu-Q3EtjqZAvQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WAJNDFX9SWu-Q3EtjqZAvQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WAJNDFX9SWu-Q3EtjqZAvQ
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
F8MBPBTHP9ZAJWJKHT6X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=WAJNDFX9SWu-Q3EtjqZAvQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FC5D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGZmNmRkNDc4OTQzOWM5N2U4ZGFiMjQ5ODM0YTRmYTNkNzFkYzJjYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGZmNmRkNDc4OTQzOWM5N2U4ZGFiMjQ5ODM0YTRmYTNkNzFkYzJjYg
Protocol
H3
Server
142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OGZmNmRkNDc4OTQzOWM5N2U4ZGFiMjQ5ODM0YTRmYTNkNzFkYzJjYg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e07703167439847c6c49a939083c0fd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FC5D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/1b4GQTx4ypA1YAHqK0pwEMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-z2WxDLlE2oImvcwwvcMxGpieW0AmWmoLtmrIdg--~A
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-z2WxDLlE2oImvcwwvcMxGpieW0AmWmoLtmrIdg--~A
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-z2WxDLlE2oImvcwwvcMxGpieW0AmWmoLtmrIdg--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame FC5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJwCXqxvtIxALyMob-EDdUg&google_cver=1
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJwCXqxvtIxALyMob-EDdUg&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
314e432eb2d967cf733b82bdbbe35231
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJwCXqxvtIxALyMob-EDdUg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame FC5D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5e07703167439847c6c49a939083c0fd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=af38e5ef-962e-4c54-b33b-218628dd34a2&gdpr=0&gdpr_consent=&expires=30
date
Tue, 02 Jan 2024 12:34:54 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame FC5D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LQWC0MKO-1M-GO5E&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LQWC0MKO-1M-GO5E&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HH4GDKZYVWB6CXNE5REG
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LQWC0MKO-1M-GO5E&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
tap.php
pixel.rubiconproject.com/ Frame FC5D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJjgE7LKAYAABZ4CoiZHA&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJjgE7LKAYAABZ4CoiZHA&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAJjgE7LKAYAABZ4CoiZHA&expires=30
Date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame FC5D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LQWC0MKO-1M-GO5E
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWC0MKO-1M-GO5E
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWC0MKO-1M-GO5E&ckls=true&ci=jZUYgnnJwV&nc=false&trid=117024541
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWC0MKO-1M-GO5E&ckls=true&ci=jZUYgnnJwV&nc=false&trid=117024541
Protocol
H2
Server
108.139.47.105 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:55 GMT
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
Zk_j3DXmehKTrkewVzg8us5DGVMlfMxdDbNPxaU879VqaZeSvKGlNA==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:55 GMT
via
1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LQWC0MKO-1M-GO5E&ckls=true&ci=jZUYgnnJwV&nc=false&trid=117024541
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
g4k_7EljhF1Dgy2BeIZvyjKN503GBhpm4-VLXUqMCLrTaEkuaB2-1w==
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
capi.connatix.com/us/ Frame FC5D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LQWC0MKO-1M-GO5E&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LQWC0MKO-1M-GO5E&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LQWC0MKO-1M-GO5E&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Protocol
H2
Server
172.64.146.152 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83f309f67f623a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 02 Jan 2024 12:34:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LQWC0MKO-1M-GO5E&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
83f309f60ee83a06-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
cksync
hb.yahoo.net/ Frame FC5D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LQWC0MKO-1M-GO5E&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LQWC0MKO-1M-GO5E&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KdmVDUGtwRTJ1SFlrSmRhVDk2ZTNab2JTWGNSU3phbX5B&ovsid=LQWC0MKO-1M-GO5E&dpid=58160
57 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KdmVDUGtwRTJ1SFlrSmRhVDk2ZTNab2JTWGNSU3phbX5B&ovsid=LQWC0MKO-1M-GO5E&dpid=58160
Protocol
H2
Server
23.40.179.35 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 02 Jan 2024 12:34:55 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 02 Jan 2024 12:34:55 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1KdmVDUGtwRTJ1SFlrSmRhVDk2ZTNab2JTWGNSU3phbX5B&ovsid=LQWC0MKO-1M-GO5E&dpid=58160
date
Tue, 02 Jan 2024 12:34:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
receive
pixel.tapad.com/idsync/ex/ Frame FC5D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWC0MKO-1M-GO5E
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWC0MKO-1M-GO5E
Protocol
H3
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LQWC0MKO-1M-GO5E
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
magnite
prebid.a-mo.net/setuid/ Frame FC5D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://prebid.a-mo.net/setuid/magnite?uid=LQWC0MKO-1M-GO5E
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LQWC0MKO-1M-GO5E
Protocol
H2
Server
147.28.146.89 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LQWC0MKO-1M-GO5E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
82a6cabd8b3f0d2d2ae6e86e2699f0ba
Expires
0
v1
match.sharethrough.com/sync/ Frame FC5D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQWC0MKO-1M-GO5E
68 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQWC0MKO-1M-GO5E
Protocol
H2
Server
3.91.137.4 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:55 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LQWC0MKO-1M-GO5E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
merge
ce.lijit.com/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LQWC0MKO-1M-GO5E
  • https://ce.lijit.com/merge?pid=80&3pid=LQWC0MKO-1M-GO5E&dnr=1
43 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LQWC0MKO-1M-GO5E&dnr=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
63.251.86.50 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 02 Jan 2024 12:34:55 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=80&3pid=LQWC0MKO-1M-GO5E&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2dca1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQWC0MKO-1M-GO5E
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQWC0MKO-1M-GO5E
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:55 GMT
an-x-request-uuid
84306298-0372-4b4a-9350-9179f0c8bd75
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LQWC0MKO-1M-GO5E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d3682eda7e5cb79782b1d5475f50e8fc
Expires
0
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b668e52-a230-4448-b403-896f63457504&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b668e52-a230-4448-b403-896f63457504&expires=30
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=3b668e52-a230-4448-b403-896f63457504&expires=30
Date
Tue, 02 Jan 2024 12:34:54 GMT
Connection
keep-alive
X-CI-RTID
07b09e8e-368e-4ddb-9834-98bd22025d59
Content-Length
144
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=f92ff2af-c4f3-4d29-8c69-788240200bd6
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=f92ff2af-c4f3-4d29-8c69-788240200bd6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=f92ff2af-c4f3-4d29-8c69-788240200bd6
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
755860
content-length
0
expires
Tue, 02 Jan 2024 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
  • https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=adb608ad-90bf-4c4a-9a69-3f142606034d
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=adb608ad-90bf-4c4a-9a69-3f142606034d
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Tue, 02 Jan 2024 12:34:17 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://pixel.rubiconproject.com/tap.php?v=71772&nid=3664&put=adb608ad-90bf-4c4a-9a69-3f142606034d
cache-control
private,no-cache
content-length
223
expires
-1
Rubicon
s.seedtag.com/cs/cookiesync/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=seedtag
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQWC0MKO-1M-GO5E
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQWC0MKO-1M-GO5E
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
34.149.50.64 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:55 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LQWC0MKO-1M-GO5E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
Expires
0
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8447736855382576817
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8447736855382576817
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=8447736855382576817
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HLiTh2iyUpl_l7NZChyoE2AJ-S0
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Date
Tue, 02 Jan 2024 12:34:54 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8011460515283861089&expires=60&gdpr=&gdpr_consent=
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8011460515283861089&expires=60&gdpr=&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8011460515283861089&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Tue, 02 Jan 2024 12:34:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=9206689877130227959&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=9206689877130227959&expires=30
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:55 GMT
an-x-request-uuid
515ddc63-9a4f-4d6f-9642-3c61c2ace580
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=9206689877130227959&expires=30
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2959439599
  • https://sync.1rx.io/usersync/tradedesk/af38e5ef-962e-4c54-b33b-218628dd34a2
  • https://sync.targeting.unrulymedia.com/csync/RX-13408c71-979d-4506-9ca8-9f7d48bced75-005?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D186028%26nid%3D4112%26put%3DRX-13408c71-979d-45...
  • https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005&expires=30
42 B
885 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005&expires=30
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=186028&nid=4112&put=RX-13408c71-979d-4506-9ca8-9f7d48bced75-005&expires=30
date
Tue, 02 Jan 2024 12:34:55 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX13408c71979d45069ca89f7d48bced75005
content-type
text/html
esync
token.rubiconproject.com/ Frame AB7D
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 02 Jan 2024 12:34:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie-sync
sync.outbrain.com/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=outbrain
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQWC0MKO-1M-GO5E&obUid=&initiator=
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQWC0MKO-1M-GO5E&obUid=&initiator=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
64.202.112.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Tue, 02 Jan 2024 12:34:55 GMT
Cache-Control
no-cache
X-TraceId
7a72ddab375fd2fbe7db4e9a7264eb61
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=LQWC0MKO-1M-GO5E&obUid=&initiator=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f84b118a3f01dd6ffa744f6af941f4e8
Expires
0
redirect
exchange.mediavine.com/usersync/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17404
  • https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQWC0MKO-1M-GO5E
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQWC0MKO-1M-GO5E
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
44.218.225.237 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:55 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://exchange.mediavine.com/usersync/redirect?partner=rubicon&partnerId=LQWC0MKO-1M-GO5E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5e07703167439847c6c49a939083c0fd
Expires
0
cs
cs.minutemedia-prebid.com/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=minute_media
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQWC0MKO-1M-GO5E
0
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQWC0MKO-1M-GO5E
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
52.0.247.215 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:55 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LQWC0MKO-1M-GO5E
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
sync
visitor.omnitagjs.com/visitor/ Frame AB7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQWC0MKO-1M-GO5E&name=RUBICON
49 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQWC0MKO-1M-GO5E&name=RUBICON
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUM45834&prvid=2012%2C2034%2C2033%2C2055%2C2031%2C2030%2C3020%2C251%2C175%2C450%2C2009%2C550%2C178%2C233%2C2028%2C3018%2C2027%2C3017%2C214%2C236%2C237%2C117%2C459%2C70%2C97%2C55%2C99%2C77%2C38%2C2022%2C3012%2C3010%2C141%2C262%2C461%2C222%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C10000%2C404%2C80%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
3.141.222.153 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:55 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
4
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LQWC0MKO-1M-GO5E&name=RUBICON
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
ptmd
dts.clnmde.com/ Frame E54A 		70 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dts.clnmde.com/ptmd?t=170419889197131396635828_N4IgHgZiBcIMYGYBsBOARihaAmEBMEKA7AAwAsC2SCJJAHHHWgKx5zM0gA0IAzgC4BDfgFdeMANo0AujwBegmAEYeABwDmMEADduIdQAstS0mSUo6dFOaJKEdlEmrM6eOnu3jYSAHQkfzER4eoIANjAIPBBwMAC0KiAApvwAlsam5pbWenBw2FoAqgDKegKa0CQ8vADW6eSZVkoA+k5WZER0ShRISnqJKapajj4oPnhko2TMHokATlqqswD2+TyJIorQCSJpW2va4dASoAB2ggC2iVpoKdjYc023etjCm6A3dw9PsGRIJB4pR75WAmeoWRrMOxEZgkJR4YIAXwRXFOFyusEEcCePBeQhgoEx3xAdFQCDwiTQZDImKIglwKEShDIDEIJAgJCIaAgZH+PG0gKJoLM4OskIQ0Nh8JASNkIFUnkkIBIAAI8CQ8Mxlb1ZbxQgI6sKsuYenpQlA9iA0KF+DAeTw4GJ+ECtHQAMIFAAqAA0ej6Ac6QRkRUoxRK4cEeOoYlsg1kYeQeABHdEJCC7EgIoA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.96.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.96.111.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77

Request headers

accept-language
en-US,en;q=0.9
Referer
https://1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 12:34:55 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-powered-by
Express
access-control-max-age
1800
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Bafp-Eg, Bafp-Ec, Bafp-Eg-T, Bafp-Ec-T
alt-svc
clear
async_usersync
ib.adnxs.com/ Frame 22D8 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Jan 2024 12:34:55 GMT
an-x-request-uuid
1bc1c698-220f-452d-8298-fe52997be3f4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEAzCPTEDzNeZNSAF5boAICI&google_cver=1&google_push=AXcoOmTZnLr9BRmARkJ6WGPczYl64DGkW0EX14WFDq-8TJPqvPOaY4SQ3N05hMCXUI-0xCcQv13IH71JpEAC8aLdMc7TF8uuaXlY

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| documentPictureInPicture function| gtag object| dataLayer object| googletag object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| GooglebQhCsO function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery function| setImmediate function| clearImmediate function| swal function| sweetAlert function| Swiper function| OneSignal function| SmartBanner function| _extends function| _typeof function| LazyLoad object| lazyLoadInstance object| _ppads object| _pbjs object| google_llp number| __oneSignalSdkLoadCount function| __jp0 object| _pbjsChunk object| mnet object| Criteo object| GoogleGcLKhOms object| google_image_requests object| FB object| __buffer object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

54 Cookies

Domain/Path Name / Value
app.bigonline.top.enquetebbb.com.br/ Name: PHPSESSID
Value: 47e5f759b82179b9f8e7cc5e5cfcbc32
.onesignal.com/ Name: __cf_bm
Value: B2EdcrWFfT7yYB5HxjVE7jn_OMXXqBaqj3G.3vl0A7I-1704198887-1-Ad+2dy6ALzPIt3D3kmfADRjgahDPcw1OzrRzxfq3WzxxUqrEExwVfCx3TrKy3zEltk4tMA0PHiIxAjl6s5gZhcs=
.enquetebbb.com.br/ Name: _ga
Value: GA1.3.1513113727.1704198888
.enquetebbb.com.br/ Name: _gid
Value: GA1.3.1831643438.1704198888
.enquetebbb.com.br/ Name: _gat_gtag_UA_112625574_1
Value: 1
.enquetebbb.com.br/ Name: _gcl_au
Value: 1.1.521350832.1704198888
.doubleclick.net/ Name: IDE
Value: AHWqTUmuAY7F-lktfQd8yqtLQqJBf7JLEqcPFR7C1Q7piCfg_Lgd_ZVntfX0Gk5U
app.bigonline.top.enquetebbb.com.br/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.enquetebbb.com.br/ Name: __gads
Value: ID=b1ae3e7c33ee6f2a:T=1704198888:RT=1704198888:S=ALNI_MZ4Zx-_vf2ab8gc3VJPxZltxHUOug
.enquetebbb.com.br/ Name: __gpi
Value: UID=00000a05d90615a5:T=1704198888:RT=1704198888:S=ALNI_MZ-swE3fPB8RSowax9wgz9k-Fvaow
.rubiconproject.com/ Name: khaos
Value: LQWC0MKO-1M-GO5E
.rubiconproject.com/ Name: audit
Value: 1|i7WLabMcVxIXDaWthfp2TlYvo2XO8wv+z0QnGM0pmGQ/ybvdeqGenhNLSnVSdeImQGOwDz7tP/HhwgF8wsyFr6NXsHmKXa1mkVHx9c1TkTibQtyFmQva20MegDC1i1R7Cw5cFTX0LMQijy0RC4Zd8dAPlTu0R9RN
app.bigonline.top.enquetebbb.com.br/ Name: nvggid
Value: null
.yandex.ru/ Name: yandexuid
Value: 9520564451704198889
.bing.com/ Name: MUID
Value: 17A4A6EEE91B659502F3B514E89464C2
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA129fTI9jTzCtT1yAoqKDfxDIx0M07zMwEAYYaXwR4AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA129fTI9jTzCtT1yAoqKDfxDIx0M07zMwniNTQ3MDG0tLCwsDQxM3_FiMoHAL-a5PM9AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjQzMDA3MDE0MzQ3MTGxMDY1tRTiM9RNjc-JdPTQNXVPCUsBANu7kAslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjQzMDA3MDE0MzQ3MTGxMDY1tRTiM9RNjc-JdPTQNXVPCUsBANu7kAslAAAA
.yahoo.com/ Name: A3
Value: d=AQABBOkClGUCEI7U9BLiw2zpf7z2VVslc6gFEgEBAQFUlWWdZQAAAAAA_eMAAA&S=AQAAAvuFzzVuPZIRxgZl5c9f4L4
.mxptint.net/ Name: mxpim
Value: R35CA5_10EA86277_176F8DB3.1.659402E9
.owneriq.net/ Name: si
Value: Q7574852891107326510P
.owneriq.net/ Name: p2
Value: gguuid
.owneriq.net/ Name: gguuid
Value: 1
.quantserve.com/ Name: d
Value: EFUBCQHnKoEA
.quantserve.com/ Name: mc
Value: 659402e9-7aafc-ef76a-53be0
.adsrvr.org/ Name: TDID
Value: af38e5ef-962e-4c54-b33b-218628dd34a2
.simpli.fi/ Name: suid
Value: 9D8A318B020A4D588B4CC29AC1211ACB
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
.adform.net/ Name: C
Value: 1
.zemanta.com/ Name: zuid
Value: SPy5dD86EshfZHztDSOp
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIsPL85qfmxTwQBRgFIAEoAjILCMr_kpO-5sU8EAU4AQ..
.adform.net/ Name: uid
Value: 8447736855382576817
sync-dmp.mobtrakk.com/ Name: pid
Value: NjJjZWVjYjJjMzhkMzkxZQ
.tribalfusion.com/ Name: ANON_ID
Value: aNnt6Zayg6AbrA7u8PVN82DZdt62GpYhZaKGnMu9XPU72Zb9fF0ScR5dAh2VRAvGmOcMOsb2cWnXhLILGD4qMb6raZc8X7LZbZc
.adnxs.com/ Name: icu
Value: ChgIqvN4EAoYASABKAEw64XQrAY4AUABSAEQ64XQrAYYAA..
.adnxs.com/ Name: uuid2
Value: 9206689877130227959
.criteo.com/ Name: uid
Value: f92ff2af-c4f3-4d29-8c69-788240200bd6
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.enquetebbb.com.br/ Name: _ga_RQSNYVQKT8
Value: GS1.1.1704198887.1.0.1704198891.56.0.0
.criteo.com/ Name: partitioned_bundle
Value: B9ZtV19kUFpvcjI2JTJGdWl6Q1hvQjJhQXo0UUpXVVdJTERsQzFKZG9TTVpxcjN0UGxrbW9WdllpamU4aERzTm5Mc1Q5WHhlTE9sNFNZajJvMTNtVzhNcXNMdUFjTEE2bTg0azlxRzlGcG45THl6bmxTNWRpa3UweSUyRjRGdFM4eUlnWWElMkZwNW1SbDcweFp5OG1yczh2MFR0ckZTblIxJTJCZlc3SE5vdnBoczcydjMlMkJRY3h1cjh4RUZIVm9RZHhwek53JTJCbHM2ZCUyQg
.enquetebbb.com.br/ Name: cto_bundle
Value: qRFhJ19kUFpvcjI2JTJGdWl6Q1hvQjJhQXo0UUpXVVdJTERsQzFKZG9TTVpxcjN0UGxrbW9WdllpamU4aERzTm5Mc1Q5WHhlTE9sNFNZajJvMTNtVzhNcXNMdUFjTEE2bTg0azlxRzlGcG45THl6bmxTNWRpa3UweSUyRjRGdFM4eUlnWWElMkZwNTZEMFFqc1BJRzNJZlNFcmVSNER2OGxvbDVMJTJCR2tqRXdHTGh6bVR2aFh6RSUzRA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZZQC6wALhjflXQBU
.openx.net/ Name: i
Value: 2c865e4e-4919-4644-a393-63dc10968aaf%7C1704198891
.3lift.com/ Name: tluid
Value: 1296966061213149082325
.media.net/ Name: data-g
Value: CAESEAJ7jEURlczxT30ykPfx4kM~~6
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn
Value: 1704198891_668947814361
.pxlclnmdecom-a.akamaihd.net/ Name: bfp_sn_t_8b2087b102c9e3e5ffed1c1478ed8b78
Value: 1704198891_668947814361_8b2087b102c9e3e5ffed1c1478ed8b78
.adingo.jp/ Name: ID
Value: c7bc41f4280cbae7262dd5ad772c0d97
.media.net/ Name: visitor-id
Value: 3472004916634949000V10
.pxlclnmdecom-a.akamaihd.net/ Name: bafp_t
Value: 5369edf0-a96b-11ee-8f1d-7986128f01c1
.smartadserver.com/ Name: pid
Value: 5366406421068034784
.dotomi.com/ Name: DotomiTest
Value: 6ef36c252d7e11fa
.adx.opera.com/ Name: UID
Value: OPU175dd950f095451fad05ca720b810bdc

3 Console Messages

Source Level URL
Text
other warning URL: https://pxlclnmdecom-a.akamaihd.net/javascripts/browserfp.min.js?templateId=3&customerId=8CUTX61X6&noCookies=true(Line 14)
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network error URL: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C0601E02-970D-4920-82C3-AA8D8C480787&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1222e9a964f4eb504b770596adef3f60.safeframe.googlesyndication.com
a.rfihub.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
adsdk.microsoft.com
aep.mxptint.net
analytics.google.com
app.bigonline.top.enquetebbb.com.br
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bs.yandex.ru
bttrack.com
c1.adform.net
c21lg-d.media.net
capi.connatix.com
cc.adingo.jp
cdn.adnxs.com
cdn.navdmp.com
cdn.onesignal.com
cdn6.votarenquete.com.br
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
contextual.media.net
cs.media.net
cs.minutemedia-prebid.com
csi.gstatic.com
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dts.clnmde.com
dts6.clnmde.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
hblg.media.net
i1.ytimg.com
ib.adnxs.com
id.navegg.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
lg3.media.net
live.primis.tech
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mug.criteo.com
nym1-ib.adnxs.com
onesignal.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.mathtag.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
pxlclnmdecom-a.akamaihd.net
qsearch-a.akamaihd.net
rr4---sn-ab5l6nr6.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.seedtag.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
simage2.pubmatic.com
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.navdmp.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
sync2.navdmp.com
t.adx.opera.com
tag.navdmp.com
tags.premiumads.com.br
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usr.navdmp.com
visitor.omnitagjs.com
warp.media.net
www.bing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
sync-tm.everesttech.net
108.139.47.105
13.225.214.101
131.153.170.212
142.250.65.226
147.28.146.89
151.101.129.108
151.101.193.108
151.101.2.49
162.248.18.34
172.64.146.152
173.231.178.116
18.238.55.125
185.167.164.49
192.132.33.69
198.148.27.131
199.38.167.130
2001:4860:4802:38::181
207.198.113.203
216.22.16.40
216.22.16.53
23.199.48.23
23.40.179.173
23.40.179.35
23.40.179.50
23.47.168.66
23.47.169.12
23.47.170.102
23.51.57.13
23.66.229.147
23.73.245.216
2600:1901:0:cba2::
2600:1f18:4e9:5a07:8d75:79f2:fdf1:69ff
2600:9000:23cb:1400:1b:6b7d:2300:93a1
2600:9000:2512:8a00:1a:5235:f980:93a1
2602:803:c002:300::98
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::ac43:206e
2606:4700:20::ac43:4a15
2606:4700::6810:bf3
2606:4700::6812:19ad
2606:4700::6812:d63b
2606:ae80:1451:18::1690
2607:f350:3:2569:0:10:0:d
2607:f8b0:4004:c06::9a
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:824::200a
2607:f8b0:4006:8::9
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:46::40
2620:1ec:c11::200
2a00:1450:4013:c06::5e
2a02:6b8::90
2a03:2880:f012:8:face:b00c:0:1
3.141.222.153
3.223.16.170
3.223.214.250
3.225.218.10
3.232.179.229
3.91.137.4
34.111.113.62
34.111.96.116
34.120.63.153
34.149.50.64
34.150.170.96
34.203.80.35
35.207.24.140
35.211.178.172
35.214.224.191
35.227.252.103
35.244.154.8
35.244.159.8
35.71.131.137
38.68.201.140
38.91.45.7
40.76.134.238
44.218.225.237
5.161.92.137
51.222.239.232
52.0.205.209
52.0.247.215
52.223.22.214
52.45.219.8
52.46.130.91
52.86.139.62
54.156.229.21
54.198.173.106
63.251.86.50
64.202.112.191
67.220.228.200
67.225.224.10
68.67.160.114
69.173.151.100
69.194.240.13
69.90.254.78
70.42.32.63
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
82.145.213.8
003413439cb5fa037d219b2635432a0488e406bd27a20ffc71543973b22ca10c
01f0ead0b5f2aba10c679daeed7f18e6070d8cfaa8255423c9da22a893285e1d
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
078fb63c950a96d87ef24f2e116dea03aca44344d7fd55a34d649086564c684a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
087ac2cab95b209141be74e4b3a5adb057c721d2f2e77a4bbf0ad60a57d3ebb3
091f904c37ce1d020c72330376797bc475f6f50969fa49efafdc474df3328d66
09650e7165d64938499c63260d5283cbad459ba397b12903ac92d6c50024270f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2bdea3699a8538b5e8cfa72687e278626ac46810f37efd8ee2ad9094fd7beb
0cabf13da10ee8f91fe37f5c6b797154b1fce56930c0f1c54ae937e532bedfcc
0e655d3e35382faf2c38e5e62debebb2b3081dc22d19dfccd6df871e4c93776a
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
1293b5fad35816536947c4cd7a6487642b4646783a0c8aa2ac6acb1522e769f6
12b9cd65f98d1ffaf02a4df14d27d10be674d9f5888cc2b4a89466ec0b45ac6e
13c0e5cc61a713f6a517a6b34bbf4f85c65784517ed574c23ad0a98aedae14b6
15211e0be73438987ed05236dc4ce90962f7c46452427364446576505e66697b
1616c8cd083e6b17f6a75ab0695bd4a4573b31ae8398ffb43758288028f6a773
17188ee3f162f6cd4b674ca31c0d0ad1cec633dd72cb896f91daa2220fc8e829
182083c2af568f88138fac088315f89acc4b94866b0c423ce78c04e21e14f857
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1973bb0e810b8f54792d7ea56c03749f6792541876847b085f58d64fb7adfc07
1b4070317b191a46d4232177035a80b8b98ca75b92f36cb554ddc32e8ce809d3
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
242ef1ffde7693000de5d0b4778c2797aefff3a2253c5bd5724dc84e54cf3de4
24e9ed9eab09216ff15ca9714caf4c6334d318b0997bcac6e72c5029d1d93f43
25a5de68d390f7c0ee9384f03a6f087c66bc3b6eb37c37f7351735770183017f
25fdb817b24a548c69cd32f1420fb6a4e20a0aaf760b88c9a3179023a7432396
2631b82949f1c3cc9755701e6261c8ff97c9982c3db6ff98b7c69b31d3fbeed9
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
27f6c8c22d2d9d2f7483a241cd3197bb47761032845bdd1c28cc0e2713484af3
28031808ac5c5297b997786aa8431f314169909959994298ec0015569c79b4cf
2a28c42fa0b2b8d6ef406cc533e6067f53b4286dcfe977a5a0d897aed19a24de
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e1808ad68a7f5f4999f152886b4963a9e640f59392f73360af73860cc6a71bf
2e611fd7baa19a3ecad5f87083a7a3c47d8dc6052854d34c9e56a8b1d56f3528
2f1e52f6d470035f5c81553858e7581636a3079bd9e85a6107737af4badec51a
2f256611f838d74f92a96fe6469e05ff8dd9151e38a12d784cdcc7511f3938e0
2fda69f83698c870c477234b9495b934eae216985e3bf1568bcd689a7374d8f3
30df5fb89cc696d1d7d3af81f2afcd4c5e0dcc01141dd83a09a74c0ea9fb0b6f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b5ac7ccffe14c8302556cb10cc23127b6e2a74f8947a8c65b4417bde2d1983
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
32b0d2b1ef56d48131221c07e77ee1f9b15708a7e5c4f2c610114d51bca8c42f
34419ecac23d0389a78f87d82543d68177399ad204ea5f0fdf677ee51cd1ef1a
347c1aa4c3fc3dfe7f611d1f237b919e6e500e0c5e582920d380d8d5b5787e4e
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3921a1b162dfde77a136eb59baeab096961820fe6a881d0e66a5b125792dd334
3aedbdf902d674833e0b165aa379a3ff8d2100f1576ce2c4e4badc93723a11ec
3c31f594d2c133ec20aef3e2def5e3ab3f136c84d536972fe074040a3873933b
3d405e4cee91060ee3933df68f542563c72f28da14e30b666d8b87f8dfe78949
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de9f5231882b16bddccb492d140b88a3b7b2fd80d36c3f9d382b821779515c2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0286b191e52b5e7af22af3a3056958fa411c8a7861ec57eb4d5c96d39314d6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40572fd0ffc5ae5e4b0c0a7d8d048532e7c149cc9511b78503965e795bed1f25
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42df22c7b1ffc073e52506eeaa1c4e96a1d2530a90dc6aec4737c24a4cfd6498
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4601a643331e142e3a4952eb54b66cf953f1dfad9b13574c5b5d47a069d949b3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a0243b7af18e28661c127f50884b9ee8c27181051f62bd70d8b3fe67e207d2
46a3ce1eeea0cd80006f409482d8baf6246e28cec4c616bfe81dcccd04fd1204
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ec435ae17cbe202d302b02444eef33f7650b521bd1db7ef5928377de1e8c9a9
4f4149b0e07b9b44d0160db3863ddf0a1e998b7f7d581975d836436b4b4eca49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
558ffc306fcfed53467bbf376f405a03f22c4b47a02c4a446d05a769852585dc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
576868c925dedc43d47345bd0b908e1668e1c041a612cdbeecaf0d88d7a9c439
59ba03a159f5d0adaf5cc34aa67bd34884b8fab72a1e351b296fb2308f77de58
59f0d5bf476a8ad14331f54b39a23a0fa01f4c7da761378b81936da655558540
5abe8d796c549abaa421b31ab43cd327c756bab9695e8bbce0f31e56eaade7a8
5c2279c3f32586cb1a79d9a7b25ac4e04e0559ae77705bac72b4dfa1db29de21
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f15ce32c4d4615fd46480fa919b2bdd7ccfeeb07ddfa43a2bd61c2b1b5483fa
5fe44ad4c9b756a66e695ed3748ff3c22804135cf7518012a03a8490ca59d66a
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
601b37db618f94ca70bd1d16390d3fea996fe6c956bee4a2a93d817dfc255cbb
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6168c03ffe3f1dc89480d5182c3afd390a66315137a9acd5b233483e0b4fc94b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62373de6691128ad6c9e5f24fb08d0b8f479fd129412823d1d4d2bfff1e2302b
63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
64493b7677f4b236fbcbed15196c5ad541766733376b49b2d737a08869a07704
66459edfc739be4f517ce02992bde40cdc3fa3e93a5496d36c12a128c4e76e1c
69a8bbf88282d2cf6e4f975cf238fd71adec2a5c98195bfb7a9a86d888b80b79
6a21411487148e31e36c76e37a0b5da80e03d0f175d9180f6de7aa089622e3c6
6d9778bc3f894f02e1907f4e2c4caae7f442521ccb76376958ea06ca7d3472af
721e552350ba1a85ec105f996266ced8140214913fcf3ab625de8987e911714b
732675cfccf977f7fab5b4cc351efb9fbc17a868da78114b484f80b0d53fc281
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
763621a0d305c29ece369ed561eaf469c8b517172996290c6afe2c29838ffae3
7713dffabca932ae870e1aad59653270cdfd64f186851dcc0e89774b76ee6ce7
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a237a7064de02f7d64ad4f4ac1d125165e78daf38020ef59ad5a709de88b6f1
7b07bffbf21142fa51120eb03293d0d27d8e76099c8f55bb23d951ceca89bc31
7bc7f37f61c6e04925175ad3bae04e63dc87643550c96bced48b217cde40a99e
7ec5561af74114c3b4b8e0a3e4e2d6f0718e60449f99d4266d8c026bfba8ddcc
807e84e1168b4e2f461467a2d2b255f8947e8dadaa269e66bf561a7c0ff90bde
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847b69fb54fbe7de0bf6efb3af9d1f458d8632ca866588c4d93e640e115efec2
84db822bb001b2f43a9cd40db01c803168cad26b89be3c740bc8dec1cafcc063
86acc3626551a828f13f30863d1bf5a88038ba81eecf5425d8f5e30e24702005
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
890d5eaa10e9bd7b67de7279581e2fe6a2b1c57c37d7baf47b9ed9a73c111f88
8947dad051b2d1e94e13b891490a267a7921292ec30e3c718dc7fe6359df5155
8d57f50455c15b852891afe3e3d88e594836d10fb6bf734af5480e331e1fda10
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8df2c7fec3541500a38d4273e9ea7495225fe2ab86431503df5d866f351f4ca4
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8ff4a30392a3966fe5af95652920fef78fbceaa1f6a8c9f474c28af36de5cc08
9254ffe1310ecb839ed25a69e4cc751bd8e1ab74a964b4c91d67cf3964eae29b
93d4bddeb674e69bbc1b49fe44bab60d195b4a11c19da58156ea025090789e19
93dbf285b7283b07c10f9deea83270dab1b12efe52d3d155dd921e5780dda3f1
94971ea51716e2fb012fa588c909d8c8794be579262c28dd668a1dc326e5768d
956f488ad5f9e03ec3bff2b1e2b429e3e4b6b238ef8a98aae4b954336a991d91
95d98804a6e5f1e07cca375e5eff2d59603f175e6f35f1de42a5fd1112b0dc1c
966406239f00931b32d3e676cdb6dca6f991faad0c6a33d679fcc9dee2f5d3e9
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
9963f6e3cc68a9488f258ee3814be17f6e48d37176ee74cb864a554eaa0abecb
9a03568e65e089a8d0141da6371d935d35b6ea13a8c5af029d9e4e32c6233f3f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c379e4510fbb454d5eefc35758f83750f1824e9cffb24e14fe813d8afbffd9d
9cdb163d229f2eb24fc0db41c72a849104b89d480512570030afbeef56fc2f09
9dd5584140f2ec5ed5c5f39b20ba0800c742c6a60b621c97d972b4239fc6b1fa
9f930bdaa248eb6bcc523cbb2d62ec297427dc658c0ce121e9b18ee8f0ddcd70
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a31579de079ace0a7e4bec7f0c489c4a4ddc7e8afc2b9828bbb6896d455e6676
a358b26ef00f7e937fd9baf7269222496202ce0eb3f48614b40de678b3182c7b
a36c24ae7ba241bba601ac4e528f763966998f5b13e533f3288e5ef1272cdb43
a3cf2d367d36c4f207c93ef1207dd71b196fbffb8f50b78b47bae495ee266ba7
a5c2728e77ced2a8d93431b63c328adfd0900eb8364c82552870de9da43a2233
a70770556b3feb3c4a79ddfbb99768e58a262e5a2c744e922d65fc4612a04e61
aaf10a29a6e9369fd99a81c3ff0bb8de76316a621a659bade750eb27a980d33e
ab1f4efb036796f88657f041c0165a3d2e6625efe93d0ceb7185e32aeb1c3158
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae64813d3c5cf8a1ae3304ab6fcc80b28a728296984e4289c64aa6d630e06bf5
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0d021c949fbec9adc0ac9b984ec89334613a28f1b92c9409f71a4a2bb1fe07f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2305848886c4142114686cb0bfbe23da48f99d0bc0ec95baadff633bef2236e
b250ef39399eb55f93d850fe15561b82c2c296c7046e9d6690d7d2f95789caea
b28bb4f6c1233693a4e891fafff6bda6a26fc0b75440238774babcdcf068146f
b4557d023216781e0a1d45405ca1017817151a258e852f439f870ad6a9a8ac17
b4a6f10015f3f06e90821d3cb9d527a67c51341f52b029cfb034a00d27d2aa32
b5186a7465255e973dc0cc06762cfc741d0a75d12a9f570fa04a147289cfd5e2
b70e33fdd2cc9cb3d9baf246b79f5bede81fa22b7242ac0930c21bae97263da4
b77e8da8c14b84a8c0b2a906b58c45f821bb7f25b5708a13b55758790cc8df35
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd74d38d22665a19ec2e9525c7d953251dd7a64946a14ae3e0a25d8a71c880b4
bdfb63a8bc54a1f786116dd76df21fed408dff0ab65577958009741f9762680d
beecff1ab9cca2203c9e18df18f3146c174efdcc8ecebe6a5995a9a3039e973e
beed418c15d8ba53d4614855c0726610bffcb08c121dd3f1e94748e538255902
c05e5b8993e3f1de70c94fb5864edd970728bc72422dd29878287881e1bf529d
c15c644e95e73e6b1c0c0667b63a050757787b98b045ce2fff32a478d2dc8668
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c39e3f1752a220942b9d0ccb6d316902a403977aa43b421a283e9b362fcd9015
c414cd0e204de974f73753c7e28d7638e7b3691bb8b1a2bab6b25bb7fed7ce77
c5987c529814bca758deb15c889113e35e87d0fc6fe4788202c326da2dc3559c
c6dbee1e15950de3f157c5074a3696c09914c4b31a7db5d5b8be692a17171046
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c979be3ca2ea19a41e656e1372c36f4677da11ace44f40c27c2c48bfe5a33cca
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb1ca001c0178df972a6c5c5235a80208cf54d572682e042bae85456b5bef5cc
ce88d5f642b64bdbe3a09a2e13737547a729486da6ef009399f67c1cb4236504
cf2e9bbdef32f1bd4e75dd8e1ecf2e7fa61697babb54f4d7e502445608b0d399
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0c2360a26fd57ed8e7537ec6a2cb580ddc4701192d80a772420f12014f6f178
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1384ae51e633ed5d189f6ef2383a0d23540c897cd21566cb70155ae8fb1e478
d2b62eac63a8beed205970c42627ef3fda865187eb074a15a22f9591bbc94b6c
d40285f61cf97c481d61f0ccbe1ae23b47ef63cca6822d90eb37f4922cd56f81
d42cf300087dde82d619952ccbe596a0ec3f6845057d7b75299aa58ea8ea94ff
d514665695568bb918c9c1265aa93e2542c9d3090ac1480dfee8468d2a2f8e68
d596ca97514cd5cf329cf62a215ee08a23e52bdcbf7880be0b2d453c9c28e4fc
d877bd244ace8fdc2194396052b01e2b0fed74321dace85bf206d6d546d6d6b8
d8ed801e6587da5e413812342f568fcf71bcc51a3d4259cdfcc5f0243e60edaa
d8eebfd90e3568dbb47b08fb67619f05bc6306eff7fd2e65e9920b34891cafe5
d9a2b1472c2611f0f39e2965d7faee82d99717c347f5c7e52aa9c5f27e0174d6
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
db5f08f71cb73a6d0b162b0e1e87d59d269e83b2ef414c2b1688ad7831340469
dce806794f0ab48ebc35bfec3556e08e2835d052e96a759b4b7b8140da78b7ae
dd8a170f5013195015b51c6d3cedf48702d5fdab82cdfc8449ec791e7f4fa99c
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4451c6eb4c78b702515388d134d0ba0ad41aa18e3388f1a592b87cd9cb4f46
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e15550e747885311c9effdb1722fbfae193d29eba419ec65122678c4add2f3ea
e16cf64e732ddd210302c5591723d4622645fe85c04550b8fe3e700c21645cc4
e19c6f2ae2b4e3b5caf5a583f94d4eb9e95505c75be11fc528639c6e108f607d
e38543f876939c7f65bdb621d90f583f7aec2630b4f8ec29384c4e304b13810b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f6d84d12af33e3f831102084bad06cf46d8d3d05d471cc00ecc7ef8594833d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e713f164dab50349afdb77e0d94494e7899c5ab012974e95aa4f1608ce485ba3
e714c04bd8303c2cb34fb0e9004d63bb2b3def0e8d69995808b7043dcd5792ed
eb6c067b2cc0a2df996e078d9d39e426388e2ec72605119b801f9fbd6ad3deac
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ec35218519989e415ada36f932815d10628420e6d7c0bf2ac06d0e29ff980cab
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed1f1280767284ad2052156ac8da97e432a076a69dbea400af6ed0077cb26978
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed721a3c888082587ba404d93a3b7ef77547c78b1e87b8410bbd8d9576fc1505
eeadff4c682623d1cd12f60d7d620011353d20db4ad1970a9f8dbd16885ea2b0
eebbb84e1a8cc69064eff36ef286f57c7df7a2708b59e264981bf83d30516f86
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23c245ea5a38f63022aa074a4ccfe104df9a690d376460dc2562d63dde4b820
f308c529cc867ef760b323e0d50388030f9f05f2a462870ccc124fe97ea9a976
f430d73220fdc94f0ea382e4b09340deacd61738f85786df3eaea69a2ac6237a
f4beba437d39a47ef09fcffdc403a170792ffe77b3bd716a0538999895d17ba5
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f970e18ee55b33261ce4e8b24076fab6be2df6238746cfab70b8169258666fdb
fa827aa7379bdd5c150347a04903391f240c1610b9c9d539819b6a2d4c2829bc
fc6f580810c33b1b5df1510b9d222429adb6d1f2ac5bf810a4c6ed7ead3cf061
fcb980cc482294d0f1928229f4fc4a4856efa5bee2c87fdd339bc2c59a81e71f
fda9ef9d3fda898fc315283504eb0aeb8ada64df1bda7e2e11165f28f59c1fb6
fe19a0337cbb7bd0b7a2bbc41cae76c2df3b9b1e8942589b6652bdbc3ff12db0
fe72a7069b1925cfeca98dbd05d4a65798214f22bd79c83ab42f1551140cf1f4
ff1f876993a9e941440a6173852028b3432f19be1df5a2ebdbd7d6131a8b1604
ff539acbae62f5e970cf513e9024b9f180117afc74ae5bada176b53d42e4315f
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995