www.eotimedopovo.com.br Open in urlscan Pro
2a00:1450:4001:831::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.eotimedopovo.com.br/login.php
Submission Tags: krdprod
Submission: On May 20 via api (May 20th 2021, 11:48:01 am UTC) from JP

Summary HTTP 492 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 62 IPs in 11 countries across 70 domains to perform 492 HTTP transactions. The main IP is 2a00:1450:4001:831::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.eotimedopovo.com.br.
TLS certificate: Issued by GTS CA 1D4 on May 18th 2021. Valid for: 3 months.

This is the only time www.eotimedopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:831::2013	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2009	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	3.129.250.65 3.129.250.65	16509 (AMAZON-02) (AMAZON-02)
17	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
3	2606:4700:10:... 2606:4700:10::6816:5a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	176.9.125.108 176.9.125.108	24940 (HETZNER-AS) (HETZNER-AS)
3	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
10 12	143.204.202.38 143.204.202.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	104.18.135.145 104.18.135.145	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:a75	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	148.69.64.109 148.69.64.109	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
28	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
7 7	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
3 7	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
6 6	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
2	54.93.84.136 54.93.84.136	16509 (AMAZON-02) (AMAZON-02)
14 14	3.64.28.223 3.64.28.223	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	52.26.62.110 52.26.62.110	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
37	146.20.132.205 146.20.132.205	27357 (RACKSPACE) (RACKSPACE)
2	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
75	146.20.132.134 146.20.132.134	27357 (RACKSPACE) (RACKSPACE)
26 99	146.20.132.67 146.20.132.67	27357 (RACKSPACE) (RACKSPACE)
8	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
8 8	8.2.110.134 8.2.110.134	46636 (NATCOWEB) (NATCOWEB)
8	52.30.95.9 52.30.95.9	16509 (AMAZON-02) (AMAZON-02)
8 8	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
10 10	54.175.198.118 54.175.198.118	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
5 5	34.107.184.81 34.107.184.81	15169 (GOOGLE) (GOOGLE)
9	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
7 7	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.19.106.86 52.19.106.86	16509 (AMAZON-02) (AMAZON-02)
8	52.45.128.104 52.45.128.104	14618 (AMAZON-AES) (AMAZON-AES)
9 9	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
12 12	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	146.0.227.107 146.0.227.107	20773 (GODADDY) (GODADDY)
34 36	2a05:d018:24:... 2a05:d018:24:b002:ebbe:4057:3491:6f67	16509 (AMAZON-02) (AMAZON-02)
8 8	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
3 3	3.222.79.98 3.222.79.98	14618 (AMAZON-AES) (AMAZON-AES)
5 5	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
5 5	63.33.31.50 63.33.31.50	16509 (AMAZON-02) (AMAZON-02)
6 6	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
3 3	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
4 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
8	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1 7	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
12	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
13	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2600:1f18:612... 2600:1f18:612b:4200:dadf:a359:f0cd:5654	14618 (AMAZON-AES) (AMAZON-AES)
42 42	52.28.189.33 52.28.189.33	16509 (AMAZON-02) (AMAZON-02)
21 21	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
28 28	52.59.28.101 52.59.28.101	16509 (AMAZON-02) (AMAZON-02)
21	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
8	18.235.138.170 18.235.138.170	14618 (AMAZON-AES) (AMAZON-AES)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3 9	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2 2	18.195.105.17 18.195.105.17	16509 (AMAZON-02) (AMAZON-02)
11 32	18.185.202.111 18.185.202.111	16509 (AMAZON-02) (AMAZON-02)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
492	62

3 2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.eotimedopovo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googledrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com

ads.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

cdn.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:5a5 (United States)

ASN13335 (CLOUDFLARENET, US)

v3.denakop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.9.125.108 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.108.125.9.176.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.202.38 (United States) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-38.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.135.145 (United States)

ASN13335 (CLOUDFLARENET, US)

config.seedtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:a75 (United States)

ASN13335 (CLOUDFLARENET, US)

clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

d.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt

ui.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

ad.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 66.155.71.149 (Portsmouth, United Kingdom) 7 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.198.69.109 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.248.159 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.84.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-84-136.eu-central-1.compute.amazonaws.com

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.64.28.223 (Frankfurt am Main, Germany) 14 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-28-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.135.227 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.26.62.110 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-62-110.us-west-2.compute.amazonaws.com

rtb.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 146.20.132.205 (United States)

ASN27357 (RACKSPACE, US)

v.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 146.20.132.134 (United States)

ASN27357 (RACKSPACE, US)

t.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

99 146.20.132.67 (United States) 26 redirects

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 8.2.110.134 (United States) 8 redirects

ASN46636 (NATCOWEB, US)

cs.krushmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.30.95.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com

c.deployads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:678:cb4:bbbb::11 (United Kingdom) 8 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.175.198.118 (Ashburn, United States) 10 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-198-118.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.184.81 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: 81.184.107.34.bc.googleusercontent.com

nxd.adhaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:c05 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.19.106.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.45.128.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.19.147.45 (United Kingdom) 9 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.248.242.197 (United States) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.107 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland) 34 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 51.178.20.140 (France) 8 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.222.79.98 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)

media.sabio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:678:cb4:bbbb::13 (United Kingdom) 5 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 63.33.31.50 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-31-50.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.45.99.241 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.49 (Frankfurt am Main, Germany) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.148.27.140 (New York, United States) 3 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4200:dadf:a359:f0cd:5654 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

4cywq-eqnre.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 52.28.189.33 (Frankfurt am Main, Germany) 42 redirects

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1288:110:c305::8000 (United Kingdom) 21 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.59.28.101 (Frankfurt am Main, Germany) 28 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.235.138.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-138-170.compute-1.amazonaws.com

vast.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

vpaid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)

vidoomy-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.105.17 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.185.202.111 (Frankfurt am Main, Germany) 11 redirects

ASN16509 (AMAZON-02, US)

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
239	lkqd.net 26 redirects ad.lkqd.net v.lkqd.net t.lkqd.net cs.lkqd.net	951 KB
74	yahoo.com 32 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads-eu.v.ssp.yahoo.com	69 KB
70	advertising.com 70 redirects ads.adaptv.advertising.com pixel.advertising.com	45 KB
36	tidaltv.com 34 redirects sync.tidaltv.com	13 KB
21	blogspot.com 1.bp.blogspot.com 2.bp.blogspot.com 4.bp.blogspot.com	375 KB
18	youtube.com www.youtube.com	1 MB
14	bidswitch.net 14 redirects x.bidswitch.net	6 KB
14	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net	137 KB
13	spotxchange.com search.spotxchange.com	16 KB
13	turn.com 13 redirects ad.turn.com d.turn.com	5 KB
12	adform.net adx.adform.net	8 KB
12	adsrvr.org 12 redirects match.adsrvr.org	5 KB
12	scorecardresearch.com 10 redirects sb.scorecardresearch.com	6 KB
10	stackadapt.com 10 redirects sync.srv.stackadapt.com	4 KB
9	openx.net 3 redirects vidoomy-d.openx.net	3 KB
9	bidr.io match.prod.bidr.io	4 KB
9	rfihub.com p.rfihub.com	5 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	158 KB
8	emxdgt.com vast.emxdgt.com	3 KB
8	quantserve.com cms.quantserve.com	2 KB
8	everesttech.net 8 redirects sync-tm.everesttech.net	2 KB
8	dyntrk.com 8 redirects gu.dyntrk.com	5 KB
8	adentifi.com rtb.adentifi.com	704 B
8	deployads.com c.deployads.com	2 KB
8	krushmedia.com 8 redirects cs.krushmedia.com	4 KB
8	rlcdn.com idsync.rlcdn.com	360 B
7	clientgear.com 1 redirects event.clientgear.com	260 B
7	tribalfusion.com 7 redirects a.tribalfusion.com s.tribalfusion.com	4 KB
7	exelator.com 3 redirects loadm.exelator.com	3 KB
7	sitescout.com 7 redirects pixel-sync.sitescout.com	5 KB
7	googleapis.com fonts.googleapis.com ajax.googleapis.com	124 KB
6	bluekai.com 6 redirects tags.bluekai.com	4 KB
6	1rx.io 6 redirects sync.1rx.io	3 KB
6	tapad.com 6 redirects pixel.tapad.com	2 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	79 KB
6	google.com apis.google.com www.google.com adservice.google.com	27 KB
5	demdex.net 5 redirects dpm.demdex.net	3 KB
5	adhaven.com 5 redirects nxd.adhaven.com	944 B
5	blogger.com www.blogger.com	216 KB
4	pubmatic.com vpaid.pubmatic.com	3 KB
4	google-analytics.com www.google-analytics.com	19 KB
4	vidoomy.com 1 redirects ads.vidoomy.com a.vidoomy.com rtb.vidoomy.com	6 KB
3	tremorhub.com 4cywq-eqnre.ads.tremorhub.com	1 KB
3	contextweb.com 3 redirects bh.contextweb.com	2 KB
3	sabio.us 3 redirects media.sabio.us	706 B
3	unrulymedia.com 3 redirects sync.targeting.unrulymedia.com	1 KB
3	google.de www.google.de adservice.google.de	969 B
3	facebook.net connect.facebook.net	68 KB
3	denakop.com v3.denakop.com	74 KB
3	taboola.com cdn.taboola.com	141 KB
3	eotimedopovo.com.br www.eotimedopovo.com.br	65 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1011 B
2	creative-serving.com 2 redirects ads.creative-serving.com	1 KB
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net	1 KB
2	clevernt.com clevernt.com ui.clevernt.com	49 KB
2	tailtarget.com d.tailtarget.com d.t.tailtarget.com	6 KB
2	a-ads.com ad.a-ads.com	5 KB
1	admixer.net 1 redirects inv-nets.admixer.net	554 B
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	444 B
1	mathtag.com 1 redirects sync.mathtag.com	686 B
1	stickyadstv.com ads.stickyadstv.com	599 B
1	seedtag.com config.seedtag.com	12 KB
1	facebook.com www.facebook.com
1	simpleads.com.br cdn.simpleads.com.br	3 KB
1	googleusercontent.com lh4.googleusercontent.com
1	blogblog.com resources.blogblog.com	612 B
1	googledrive.com googledrive.com
1	bootstrapcdn.com netdna.bootstrapcdn.com	5 KB
0	po.st Failed s.po.st Failed
492	70

	Domain	Requested by
99	cs.lkqd.net	26 redirects ad.lkqd.net www.eotimedopovo.com.br
75	t.lkqd.net	ad.lkqd.net
42	ads.adaptv.advertising.com	42 redirects
37	v.lkqd.net	ad.lkqd.net
36	sync.tidaltv.com	34 redirects
32	ads-eu.v.ssp.yahoo.com	11 redirects
28	pixel.advertising.com	28 redirects
28	ad.lkqd.net	www.eotimedopovo.com.br ad.lkqd.net
21	ups.analytics.yahoo.com
21	pr-bh.ybp.yahoo.com	21 redirects
19	1.bp.blogspot.com	www.eotimedopovo.com.br
18	www.youtube.com	www.eotimedopovo.com.br www.youtube.com
14	x.bidswitch.net	14 redirects
13	search.spotxchange.com	ad.lkqd.net
12	adx.adform.net	ad.lkqd.net
12	match.adsrvr.org	12 redirects
12	sb.scorecardresearch.com	10 redirects cdn.taboola.com www.eotimedopovo.com.br
10	sync.srv.stackadapt.com	10 redirects
9	vidoomy-d.openx.net	3 redirects ad.lkqd.net
9	match.prod.bidr.io	ad.lkqd.net www.eotimedopovo.com.br
9	p.rfihub.com	ad.lkqd.net www.eotimedopovo.com.br
8	vast.emxdgt.com	ad.lkqd.net
8	cms.quantserve.com	www.eotimedopovo.com.br ad.lkqd.net
8	sync-tm.everesttech.net	8 redirects
8	gu.dyntrk.com	8 redirects
8	rtb.adentifi.com	www.eotimedopovo.com.br ad.lkqd.net
8	ad.turn.com	8 redirects
8	c.deployads.com	ad.lkqd.net
8	cs.krushmedia.com	8 redirects
8	idsync.rlcdn.com	ad.lkqd.net
7	event.clientgear.com	1 redirects www.eotimedopovo.com.br
7	loadm.exelator.com	3 redirects
7	pixel-sync.sitescout.com	7 redirects
7	pagead2.googlesyndication.com	www.eotimedopovo.com.br pagead2.googlesyndication.com tpc.googlesyndication.com
6	tags.bluekai.com	6 redirects
6	sync.1rx.io	6 redirects
6	pixel.tapad.com	6 redirects
5	dpm.demdex.net	5 redirects
5	d.turn.com	5 redirects
5	a.tribalfusion.com	5 redirects
5	nxd.adhaven.com	5 redirects
5	ajax.googleapis.com	www.eotimedopovo.com.br
5	www.blogger.com	www.eotimedopovo.com.br
4	vpaid.pubmatic.com	ad.lkqd.net
4	cm.g.doubleclick.net	4 redirects www.eotimedopovo.com.br
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com
4	www.google.com	www.eotimedopovo.com.br www.youtube.com
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	www.google-analytics.com	www.eotimedopovo.com.br www.google-analytics.com
3	4cywq-eqnre.ads.tremorhub.com	ad.lkqd.net
3	bh.contextweb.com	3 redirects
3	media.sabio.us	3 redirects
3	sync.targeting.unrulymedia.com	3 redirects
3	connect.facebook.net	www.eotimedopovo.com.br connect.facebook.net
3	v3.denakop.com	www.eotimedopovo.com.br v3.denakop.com
3	cdn.taboola.com	www.eotimedopovo.com.br cdn.taboola.com
3	www.eotimedopovo.com.br	www.eotimedopovo.com.br
2	ads.betweendigital.com	2 redirects
2	ads.creative-serving.com	2 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	bcp.crwdcntrl.net	2 redirects
2	s.tribalfusion.com	2 redirects
2	www.gstatic.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	a.vidoomy.com	www.eotimedopovo.com.br
2	www.google.de	www.eotimedopovo.com.br
2	stats.g.doubleclick.net	www.google-analytics.com
2	securepubads.g.doubleclick.net	v3.denakop.com securepubads.g.doubleclick.net
2	ad.a-ads.com	www.eotimedopovo.com.br
2	fonts.googleapis.com	www.eotimedopovo.com.br ajax.googleapis.com
1	inv-nets.admixer.net	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rtb.vidoomy.com	1 redirects
1	sync.mathtag.com	1 redirects
1	ads.stickyadstv.com	www.eotimedopovo.com.br
1	ui.clevernt.com	www.eotimedopovo.com.br
1	d.t.tailtarget.com	d.tailtarget.com
1	clevernt.com	www.eotimedopovo.com.br
1	config.seedtag.com	www.eotimedopovo.com.br
1	www.facebook.com	connect.facebook.net
1	d.tailtarget.com	v3.denakop.com
1	cdn.simpleads.com.br	www.eotimedopovo.com.br
1	lh4.googleusercontent.com	www.eotimedopovo.com.br
1	apis.google.com	www.eotimedopovo.com.br
1	4.bp.blogspot.com	www.eotimedopovo.com.br
1	2.bp.blogspot.com	www.eotimedopovo.com.br
1	ads.vidoomy.com	www.eotimedopovo.com.br
1	resources.blogblog.com	www.eotimedopovo.com.br
1	googledrive.com	www.eotimedopovo.com.br
1	netdna.bootstrapcdn.com	www.eotimedopovo.com.br
0	s.po.st Failed	www.eotimedopovo.com.br
492	94

This site contains links to these domains. Also see Links.

Domain
refpa.top
www.youtube.com
www.instagram.com
www.facebook.com
twitter.com
www.blogger.com

Subject Issuer	Validity	Valid
www.eotimedopovo.com.br GTS CA 1D4	`2021-05-18` - `2021-08-16`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-13` - `2021-08-13`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
cdn.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-04-27` - `2022-07-26`	2 years	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
denakop.com Cloudflare Inc ECC CA-3	`2021-01-14` - `2022-01-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
ad.lkqd.net R3	`2021-03-27` - `2021-06-25`	3 months	crt.sh
ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-11-17`	a year	crt.sh
*.lkqd.net Go Daddy Secure Certificate Authority - G2	`2019-05-13` - `2021-07-12`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.deployads.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-04` - `2021-07-03`	2 years	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
adentifi.com Amazon	`2020-10-02` - `2021-11-02`	a year	crt.sh
*.tidaltv.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-04` - `2022-06-04`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.clientgear.com Go Daddy Secure Certificate Authority - G2	`2020-12-24` - `2022-01-25`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh

This page contains 52 frames:

Primary Page: https://www.eotimedopovo.com.br/login.php
Frame ID: A264C329A26EB80A1D4F7193D2FF5204
Requests: 178 HTTP requests in this frame

Frame: https://ad.a-ads.com/1347217?size=728x90
Frame ID: 28C208039CFFA64872661BD215E7209A
Requests: 1 HTTP requests in this frame

Frame: https://d.tailtarget.com/profiles.js
Frame ID: 85B269535D1E2C2B18412FE5CED994E9
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/831975?size=300x250
Frame ID: 22C1C7DD6FFCF1FBE3B2C966FDD0C23C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 47FFDB17AA4BE308D70CD57E0A43B9CF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Frame ID: 931E1613ED09FF46477BEAF005BF0C1F
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Frame ID: C7A92754C522F73CDFBC2E2FFBD771ED
Requests: 14 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 5292B53DFC8F6549581609F524347F6D
Requests: 13 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 10C19D5B8CA3B090DDC452ED3383505B
Requests: 2 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348
Frame ID: F04568CBDEFE0A6605033F1BB6C4DD5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&adk=1812271804&adf=3025194257&lmt=1621511251&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511250757&bpp=2&bdt=441&idt=289&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8444465050750&frm=20&pv=2&ga_vid=1000485672.1621511251&ga_sid=1621511251&ga_hid=935990782&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=587487176775854&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=320
Frame ID: 1AE1C980198BD7F3C65296323B6F7CFF
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 16C14A204E94A40948B28868339EF49A
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: EE23C6F9885AC992E376EFC56F4C9844
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1473949B1480AA3622BA343D9628E0BD
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 93B4F2195E0D0CDF5CC31A3433905D25
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: AC7825204DC85C264ED44DAD72662C96
Requests: 20 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B3B74E5D26377A91092711E56AE8FAAE
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 2A982500ADDD2F1861D2A33D14FCEF13
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3866B567865BFE397B777CD4EEC2BA3C
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: CAFFE3718EDE953AC5817A34B5611E46
Requests: 20 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 24D6815F97CD0E9DCDD1EF3E0FA7EB98
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A516B3A9EC42C9F18CD242D41F775D35
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7CF83141DEB0651FCC46E0F4FF88704D
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 38DDB6AA84051889DF688B852BD1CB82
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9586C185D6BD00DE8ED067E28E68C964
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 344F6A43B4B740B63306756D679384B8
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: E433D9A60995409CE09C1D17E0E053E6
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: C07CA0968D4285545E4D01C23AF40928
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 06D83E66065C4D22BE87C8BC968FD395
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: BC26DB4F7126613066150A540DDDBE8E
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5E1D6DD1513943E80F2EDDAF8EA4AB01
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 8E4B475CF419D80ADD3F072D677C543C
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 395C9C2B5078C345F708C1C95072CEBC
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: BEE600429FE1C9D1621F40C53226C5C1
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 05C677A4BDBAAFE3A1F08A4C2FF07FCD
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 281331057FBF4B32C3CEFDB772DB795C
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: D3E8DF763506BC70A3BF55F3015486E2
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B01812D7BC5584B7E1B1D0A5DC40BF3C
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: AEC1372549F4F42B01D559474BD76004
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 13C819A6132F611EBA8276470D4D304C
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: D51DC4BE5BBB7395A5B007020DDB7CF2
Requests: 25 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A0BBCEB06B12ADFD646238F026ED3128
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: B3265C48A6A7F50C78747A389C7F7E9F
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: F11321BD4B945FBBB984C756FD2B4DC9
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: AF6B9173388D17D9143C5E6F044F68BF
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 52909E04D775586E51E8F458E1C203B2
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: E033C913D1CA69A7E95F94310F712F69
Requests: 25 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: B9160E825999283AF9ED9F4494A846AE
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 1AA236445E00A79C0296A4AF4DFF7776
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 19C7B0945DD8D59C2E82627AFB660D13
Requests: 10 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 141BFA008761A076FE69B338B7A648AD
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 71D400685A9D0A866A5379AA00DDF8FF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

492
Requests

99 %
HTTPS

41 %
IPv6

70
Domains

94
Subdomains

62
IPs

11
Countries

3955 kB
Transfer

12349 kB
Size

36
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://refpa.top/L?tag=d_398451m_97c__[]general[]_d46490_l42734_catfish&site=398451&ad=97

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCCyDoDd8F6SpEVYkxgTfODw
Title: 𝗬𝗢𝗨𝗧𝗨𝗕𝗘 ▶️

Search URL Search Domain Scan URL

URL: https://www.instagram.com/timedopovooficial/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TimeDoPovoOficial/

Search URL Search Domain Scan URL

URL: https://twitter.com/eotimedopovo_/

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1621511250861&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511250861&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&c9=

Request Chain 79

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348

Request Chain 80

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=24426744.017631784174898596.74708521 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=24426744.017631784174898596.74708521 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dc75114ef-7e43-4254-a1fd-f3076364f650&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=b06d60a6-4c53-4100-b320-a4e0416ef324&expires=30&ssp=vidoomy&bsw_param=c75114ef-7e43-4254-a1fd-f3076364f650&gdpr=&gdpr_consent= HTTP 302
https://rtb.vidoomy.com/cookie/?exchange_cookie=c75114ef-7e43-4254-a1fd-f3076364f650&exchange_name=BSW HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c75114ef-7e43-4254-a1fd-f3076364f650

Request Chain 122

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U

Request Chain 123

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=vmtdWv1uu2U&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=302f0ca6-1b01-4196-bf8c-80753633913a

Request Chain 124

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U

Request Chain 125

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2457259372858366305

Request Chain 126

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=0N6m9HVaS19_qSZpuPpXviV4iZQ

Request Chain 127

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U

Request Chain 128

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=vmtdWv1uu2U&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=53527e69-d119-4164-8cbc-0aee8d6f033d

Request Chain 129

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U

Request Chain 130

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2529316966896294241

Request Chain 131

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=IG1K94RoRx5Wj-Q7wXbeUiV4iZQ

Request Chain 142

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ

Request Chain 143

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e

Request Chain 145

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
https://a.tribalfusion.com/i.match?p=b30&u=vmtdWv1uu2U&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b30&u=vmtdWv1uu2U&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185289981349

Request Chain 149

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e

Request Chain 150

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ

Request Chain 152

https://sync.1rx.io/usersync2/lkqd HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1934575865 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1934575865 HTTP 302
https://sync.1rx.io/usersync/tradedesk/3ab2aa33-9814-40e5-b53c-797e1a747377 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-261af8de-00e1-4558-9b65-88de8b3d81fb-003 HTTP 302
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003

Request Chain 153

https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dlkqd%26bsw_param%3Dc75114ef-7e43-4254-a1fd-f3076364f650%26gdpr%3D%26consent%3D%26gdpr_pd%3D HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=5b38242278254faa9c7e3159d84be2de&ssp=lkqd&bsw_param=c75114ef-7e43-4254-a1fd-f3076364f650&gdpr=&consent=&gdpr_pd= HTTP 302
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dc75114ef-7e43-4254-a1fd-f3076364f650%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253Dc75114ef-7e43-4254-a1fd-f3076364f650 HTTP 302
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dc75114ef-7e43-4254-a1fd-f3076364f650 HTTP 302
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650

Request Chain 154

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=3f010ecf-3155-4e6d-ad05-5b2a04bc82ea

Request Chain 155

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&gdpr=1&gdpr_consent=

Request Chain 156

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030001_60a64c564ea94&knw=0 HTTP 302
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c564ea94

Request Chain 157

https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2556487421951403526

Request Chain 158

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/fa43162d-07e3-4d11-9490-f48f7b5ad0f0/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=fa43162d-07e3-4d11-9490-f48f7b5ad0f0?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
https://tags.bluekai.com/site/5379?id=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263

Request Chain 159

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMVgAA9qNdTABg HTTP 302
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMVgAA9qNdTABg&_test=YKZMVgAA9qNdTABg

Request Chain 160

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=us9CBzzLQIEp&ev=1&pid=561322

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=dm10ZFd2MXV1MlU HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIh8jtyiYSZaUoCM3oS8lv4&google_cver=1

Request Chain 165

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
https://tags.bluekai.com/site/17724?id=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348%3Fhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348 HTTP 302
https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348 HTTP 302
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348

Request Chain 170

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841149866228,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841149866228,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 171

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1752052724&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA29e10a51-b961-11eb-8389-068ca93f1b73?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

Request Chain 172

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=575593981&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA2a7d09c7-b961-11eb-8066-020694bd10ca?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

Request Chain 173

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1710716513&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA2a742926-b961-11eb-93c1-06f94beed07d?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4

Request Chain 174

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1894497021&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA29ec5fac-b961-11eb-b442-02b90c27b1e5?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

Request Chain 175

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=503949549&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA2a7cef43-b961-11eb-838a-068ca93f1b73?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4

Request Chain 179

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841149866228,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841149866228,,

Request Chain 193

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=KX9DgKThe44&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72

Request Chain 194

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ

Request Chain 195

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=KX9DgKThe44

Request Chain 196

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=KX9DgKThe44

Request Chain 197

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961

Request Chain 200

https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=lkqd HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=f98e543a-ae98-4dc8-a7d6-e0042bc122b7 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=f98e543a-ae98-4dc8-a7d6-e0042bc122b7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=2ffae8c6-d169-4aed-8141-fac92dcefd34&ssp=lkqd&expires=30&user_group=5&bsw_param=f98e543a-ae98-4dc8-a7d6-e0042bc122b7 HTTP 302
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Df98e543a-ae98-4dc8-a7d6-e0042bc122b7%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253Df98e543a-ae98-4dc8-a7d6-e0042bc122b7 HTTP 302
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Df98e543a-ae98-4dc8-a7d6-e0042bc122b7 HTTP 302
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7

Request Chain 201

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4203a61f-17c1-4123-90ed-fad94a8f46c0

Request Chain 202

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=90ac8d94-bbc4-4327-8b2c-5fa404848d27&gdpr=1&gdpr_consent=

Request Chain 203

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030002_60a64c5896aa5&knw=0 HTTP 302
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c5896aa5

Request Chain 204

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=90ac8d94-bbc4-4327-8b2c-5fa404848d27&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=90ac8d94-bbc4-4327-8b2c-5fa404848d27&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/90ac8d94-bbc4-4327-8b2c-5fa404848d27/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=90ac8d94-bbc4-4327-8b2c-5fa404848d27?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
https://tags.bluekai.com/site/5379?id=90ac8d94-bbc4-4327-8b2c-5fa404848d27&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
https://loadm.exelator.com/load/?p=204&g=281&buid=90ac8d94-bbc4-4327-8b2c-5fa404848d27&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

Request Chain 205

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMWAABHKrXbwAC HTTP 302
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMWAABHKrXbwAC&_test=YKZMWAABHKrXbwAC

Request Chain 209

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_04961437-bf94-43c8-89f5-f05aa4f6042b

Request Chain 210

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ

Request Chain 211

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961

Request Chain 214

https://a.tribalfusion.com/i.match?p=b30&u=KX9DgKThe44&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b30&u=KX9DgKThe44&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185289981210

Request Chain 216

https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=KX9DgKThe44&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72

Request Chain 221

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C46381394047160910329289270,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C46381394047160910329289270,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTQ2Mjc2MzktNWQxZS02NTcxLTdmMWItNjczOWE0MGFkODc1

Request Chain 222

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=857592839&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=857592839&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=800f3c21-1722-42a7-95a8-e296c2155c72&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyNC4xMTU0Nzk6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD04MDBmM2MyMS0xNzIyLTQyYTctOTVhOC1lMjk2YzIxNTVjNzI=

Request Chain 223

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=565605590&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=565605590&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=5bb8cd93-3355-4b42-8f65-e213ccdf76d0&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyMS4xNTM1NjQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD01YmI4Y2Q5My0zMzU1LTRiNDItOGY2NS1lMjEzY2NkZjc2ZDA=

Request Chain 224

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1905427685&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1905427685&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=d8fd4f99-b4ce-43dc-8521-e512f3507706&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyNC43MzgwMzc6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD1kOGZkNGY5OS1iNGNlLTQzZGMtODUyMS1lNTEyZjM1MDc3MDY=

Request Chain 225

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=589468053&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=589468053&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=aa9dae42-188b-45dd-875f-561c3f98b96c&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYzNi42MDEwNzQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD1hYTlkYWU0Mi0xODhiLTQ1ZGQtODc1Zi01NjFjM2Y5OGI5NmM=

Request Chain 226

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=581784682&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=581784682&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=77c7e5ae-a8a0-4306-af14-cd24262d0906&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyMi41Njk4MjQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD03N2M3ZTVhZS1hOGEwLTQzMDYtYWYxNC1jZDI0MjYyZDA5MDY=

Request Chain 228

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C46381394047160910329289270,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C46381394047160910329289270,,

Request Chain 243

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1239684411&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1239684411&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=3f9eca53-76c4-4715-a999-e27c0abb5baf&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA1Ny43MTUwODg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0zZjllY2E1My03NmM0LTQ3MTUtYTk5OS1lMjdjMGFiYjViYWY=

Request Chain 244

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=800901527&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.3925&lon=8.4546&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=800901527&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.3925&lon=8.4546&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=14844eec-449e-48ad-9713-266f8f7de0e1&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2Mi43MTcyODU6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0xNDg0NGVlYy00NDllLTQ4YWQtOTcxMy0yNjZmOGY3ZGUwZTE=

Request Chain 245

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1017839592&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1017839592&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=76452fdb-73ef-4cfb-9c96-15a8c21f91ad&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2Mi43MDE5MDQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD03NjQ1MmZkYi03M2VmLTRjZmItOWM5Ni0xNWE4YzIxZjkxYWQ=

Request Chain 246

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2047840621&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2047840621&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=9e673e5c-d769-4e5e-952a-836288fe129e&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2MS41MjE0ODQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD05ZTY3M2U1Yy1kNzY5LTRlNWUtOTUyYS04MzYyODhmZTEyOWU=

Request Chain 247

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=617487797&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=617487797&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=01882c66-8d5a-46a8-98b9-922f12883a3f&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA3MC43MTk3Mjc6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0wMTg4MmM2Ni04ZDVhLTQ2YTgtOThiOS05MjJmMTI4ODNhM2Y=

Request Chain 248

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=711589997&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=711589997&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=ade734dc-d3fb-4e26-96db-f57189cc804b&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA3Ni43OTE3NDg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1hZGU3MzRkYy1kM2ZiLTRlMjYtOTZkYi1mNTcxODljYzgwNGI=

Request Chain 263

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238417684&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238417684&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=511110ae-8b57-4187-95d7-3ac472df6806&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3MC4xMjQwMjM6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD01MTExMTBhZS04YjU3LTQxODctOTVkNy0zYWM0NzJkZjY4MDY=

Request Chain 264

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1788611024&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1788611024&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=7b464323-dcee-4b84-bcad-eb9a01567a14&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU2OS42OTM4NDg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD03YjQ2NDMyMy1kY2VlLTRiODQtYmNhZC1lYjlhMDE1NjdhMTQ=

Request Chain 265

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=71895966&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=71895966&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=2ae32906-c64f-469a-a36b-7cb115cc4d48&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3My41OTk2MDk6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0yYWUzMjkwNi1jNjRmLTQ2OWEtYTM2Yi03Y2IxMTVjYzRkNDg=

Request Chain 266

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1322015747&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1322015747&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=edfb58e0-1834-4dac-92d5-6fb35d63c4a6&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3Ny4zNDk4NTQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1lZGZiNThlMC0xODM0LTRkYWMtOTJkNS02ZmIzNWQ2M2M0YTY=

Request Chain 281

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=950552447&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=950552447&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=65a6529b-f1e8-4f7d-9d6c-9f0a0c3b6822&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2MDg3NS43OTY2MzE6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD02NWE2NTI5Yi1mMWU4LTRmN2QtOWQ2Yy05ZjBhMGMzYjY4MjI=

Request Chain 331

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=j9KPKhZllhw&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0

Request Chain 332

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=j9KPKhZllhw

Request Chain 333

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288

Request Chain 334

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ

Request Chain 335

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=j9KPKhZllhw

Request Chain 338

https://sync.1rx.io/usersync2/lkqd HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8751100508 HTTP 302
https://sync.1rx.io/usersync/tradedesk/15aa95cb-2071-42bd-bde1-4f9ee752e36d HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-c5874a6e-c7f3-4197-86d9-991956a03dff-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-c5874a6e-c7f3-4197-86d9-991956a03dff-003 HTTP 302
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-c5874a6e-c7f3-4197-86d9-991956a03dff-003

Request Chain 339

https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=lkqd HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=bbf65c79-5a3d-4c62-8b49-a15869f868fa HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk6a7486a4-82f3-4148-a345-ed168036c463&expires=7&user_group=5&ssp=lkqd&bsw_param=bbf65c79-5a3d-4c62-8b49-a15869f868fa HTTP 302
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dbbf65c79-5a3d-4c62-8b49-a15869f868fa%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253Dbbf65c79-5a3d-4c62-8b49-a15869f868fa HTTP 302
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dbbf65c79-5a3d-4c62-8b49-a15869f868fa HTTP 302
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa

Request Chain 340

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=15aa95cb-2071-42bd-bde1-4f9ee752e36d

Request Chain 341

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=

Request Chain 342

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030003_60a64c61efdec&knw=0 HTTP 302
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c61efdec

Request Chain 343

https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3519514776392745427

Request Chain 344

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMYQABKiffdAA4 HTTP 302
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMYQABKiffdAA4&_test=YKZMYQABKiffdAA4

Request Chain 345

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=v0OIbcn04veC&ev=1&pid=561322

Request Chain 349

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_2f13f168-5838-42f5-8ddd-fb3a8e07048b

Request Chain 350

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ

Request Chain 351

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288

Request Chain 352

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118 HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348 HTTP 302
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348

Request Chain 354

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/b467150e-e027-4f6b-a079-acaa6700cfac/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=b467150e-e027-4f6b-a079-acaa6700cfac?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
https://tags.bluekai.com/site/5379?id=b467150e-e027-4f6b-a079-acaa6700cfac&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
https://loadm.exelator.com/load/?p=204&g=281&buid=b467150e-e027-4f6b-a079-acaa6700cfac&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

Request Chain 356

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=ajlLUEtoWmxsaHc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=ajlLUEtoWmxsaHc&google_tc= HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKzEY9mwtzyJHJz6A6AXee4&google_cver=1

Request Chain 357

https://a.tribalfusion.com/i.match?p=b30&u=j9KPKhZllhw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b30&u=j9KPKhZllhw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185288781919

Request Chain 359

https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=j9KPKhZllhw&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0

Request Chain 363

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=834358577&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3103bfc3-b961-11eb-b443-02b90c27b1e5?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff

Request Chain 364

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2063845834&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3112f192-b961-11eb-8099-06dba23ddddc?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c

Request Chain 365

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1226889538&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff

Request Chain 366

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=331234367&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA30879885-b961-11eb-a92c-0289a724f814?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-DyP1UklE2p5Ip3KGCQQunCdE7FSNhFYmZvTz~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-DyP1UklE2p5Ip3KGCQQunCdE7FSNhFYmZvTz~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c

Request Chain 367

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1701371096&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3073c1c9-b961-11eb-b183-021cb587458c?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-dNauiaxE2p5w2T0gKm7C_AUUg.NAWju7gTb3~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-dNauiaxE2p5w2T0gKm7C_AUUg.NAWju7gTb3~A&_origin=0&nsync=1&apid=VA3103bfc3-b961-11eb-b443-02b90c27b1e5

Request Chain 380

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
https://a.tribalfusion.com/i.match?p=b30&u=j9KPKhZllhw&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288781919

Request Chain 387

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=

Request Chain 388

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266

Request Chain 395

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763905944764,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763905944764,, HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg4YTgxYjQtYzkyMi02YTEwLTZkNmMtYmI5YzZkYjBhMjhj

Request Chain 396

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=642947417&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=642947417&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=8a4866d3-78df-4393-9566-104eeba40f1e&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2NzcwNS41MzE3Mzg6dXVpZD0iNzMyNjA0ODQ4NjQ0MDk4NDIwMV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBNDUiOmFwaWQ9VkEzMDczOTNkZC1iOTYxLTExZWItOGFkNC0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD04YTQ4NjZkMy03OGRmLTQzOTMtOTU2Ni0xMDRlZWJhNDBmMWU= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1&apid=UP32c305da-b961-11eb-bd50-0622eae3f606

Request Chain 397

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2094912092&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2094912092&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=1bab4eeb-f380-4019-8c7a-701945bc4afa&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2NzcwNC44NDA4MjA6dXVpZD0iNzMyNjA0ODQ4NjQ0MDk4NDIwMV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBNDUiOmFwaWQ9VkEzMDczOTNkZC1iOTYxLTExZWItOGFkNC0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD0xYmFiNGVlYi1mMzgwLTQwMTktOGM3YS03MDE5NDViYzRhZmE= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 398

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=342308393&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=342308393&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=1a3dd768-9456-4bdf-8a91-470880b4fde9&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2NzcwMy45NDQ4MjQ6dXVpZD0iNzMyNjA0ODQ4NjQ0MDk4NDIwMV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBNDUiOmFwaWQ9VkEzMDczOTNkZC1iOTYxLTExZWItOGFkNC0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD0xYTNkZDc2OC05NDU2LTRiZGYtOGE5MS00NzA4ODBiNGZkZTk= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1&apid=UP32c353bf-b961-11eb-bc4d-06ae1a11dd7e

Request Chain 399

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=898011742&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=898011742&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=0b603c08-afc2-417d-99ea-4cdeae59aaa6&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2NzcwNy42MDc2NjY6dXVpZD0iNzMyNjA0ODQ4NjQ0MDk4NDIwMV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBNDUiOmFwaWQ9VkEzMDczOTNkZC1iOTYxLTExZWItOGFkNC0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD0wYjYwM2MwOC1hZmMyLTQxN2QtOTllYS00Y2RlYWU1OWFhYTY= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 400

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1081693236&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1081693236&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=1b5092e2-eae6-4ebd-8693-d56efbc9ad83&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2NzcwMy40NTE5MDQ6dXVpZD0iNzMyNjA0ODQ4NjQ0MDk4NDIwMV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBNDUiOmFwaWQ9VkEzMDczOTNkZC1iOTYxLTExZWItOGFkNC0wNjg0ODliNjY1ZmY6cmVxdWVzdF9pZD0xYjUwOTJlMi1lYWU2LTRlYmQtODY5My1kNTZlZmJjOWFkODM= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1&apid=UP32c2b769-b961-11eb-8fe6-06a224eca24a

Request Chain 402

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763905944764,, HTTP 302
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763905944764,,

Request Chain 412

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://idsync.rlcdn.com/464986.gif?partner_uid=qu_UChsShAo

Request Chain 413

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=qu_UChsShAo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0

Request Chain 414

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
https://c.deployads.com/cs/NXST?b=qu_UChsShAo

Request Chain 415

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664

Request Chain 416

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ

Request Chain 419

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=

Request Chain 420

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/42145d48-f16a-4cf0-96a2-87ec9ed1cbee/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
https://tags.bluekai.com/site/5379?id=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

Request Chain 424

https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ

Request Chain 425

https://ad.turn.com/r/cs?pid=65 HTTP 302
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664

Request Chain 427

https://sync.1rx.io/usersync2/lkqd HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2969674725 HTTP 302
https://sync.1rx.io/usersync/tradedesk/5512846e-bcba-4197-b122-7912e75eb50e HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003 HTTP 302
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003

Request Chain 428

https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=lkqd HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlkqd%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlkqd%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=a0b51c11-e555-518c-a123-c9ddc18585b8&ssp=lkqd&expires=30&user_group=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dfe994ebe-b114-4f08-a346-1fe5094d61b2%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253Dfe994ebe-b114-4f08-a346-1fe5094d61b2 HTTP 302
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dfe994ebe-b114-4f08-a346-1fe5094d61b2 HTTP 302
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2

Request Chain 429

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=5512846e-bcba-4197-b122-7912e75eb50e

Request Chain 430

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= HTTP 302
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030002_60a64c6528549&knw=0 HTTP 302
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c6528549

Request Chain 431

https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=4506489259793383308

Request Chain 432

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMZQABKaARjgA4 HTTP 302
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMZQABKaARjgA4&_test=YKZMZQABKaARjgA4

Request Chain 433

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=QrSP8scRswXR&ev=1&pid=561322

Request Chain 435

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=cXVfVUNoc1NoQW8 HTTP 302
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENSXdxoJp1uFzXPMCeTejgw&google_cver=1

Request Chain 436

https://a.tribalfusion.com/i.match?p=b30&u=qu_UChsShAo&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b30&u=qu_UChsShAo&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24

Request Chain 437

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5abfd22e-e72c-4fcd-8e8b-6301405c84ca

Request Chain 438

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118 HTTP 302
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Df6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253Df6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3Df6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3Df6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348 HTTP 302
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348

Request Chain 440

https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=qu_UChsShAo&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0

Request Chain 446

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=674399562&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=674399562&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=23db3295-71f1-4286-9cd2-5d04e1bf7ab5&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2OTE0Mi4xNTAzOTE6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTIzZGIzMjk1LTcxZjEtNDI4Ni05Y2QyLTVkMDRlMWJmN2FiNQ== HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 447

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1420329705&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.3925&lon=8.4546&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1420329705&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.3925&lon=8.4546&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=5e14aa78-381a-4d0f-ae6e-ba5a8523e560&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2OTE0MC41MzAwMjk6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTVlMTRhYTc4LTM4MWEtNGQwZi1hZTZlLWJhNWE4NTIzZTU2MA== HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 448

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1685083178&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1685083178&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=b60f51ab-b775-4ec6-a9d8-464381d72427&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2OTE0My42Nzg5NTU6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWI2MGY1MWFiLWI3NzUtNGVjNi1hOWQ4LTQ2NDM4MWQ3MjQyNw== HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 449

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1717271722&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1717271722&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=3527aeb3-5470-490d-b143-54300e9d696f&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2OTE0MC41ODQ5NjE6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTM1MjdhZWIzLTU0NzAtNDkwZC1iMTQzLTU0MzAwZTlkNjk2Zg== HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 450

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1028276186&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1028276186&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=f9c8ebad-f3d4-4a83-ac22-4e2c45aed846&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2OTE0MS4zNDA4MjA6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWY5YzhlYmFkLWYzZDQtNGE4My1hYzIyLTRlMmM0NWFlZDg0Ng== HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 451

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2038623958&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2038623958&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=4ea84e0d-6be1-40b4-8e25-7c3011cd968d&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2OTE0MC41NTcxMjk6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTRlYTg0ZTBkLTZiZTEtNDBiNC04ZTI1LTdjMzAxMWNkOTY4ZA== HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Request Chain 466

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
https://a.tribalfusion.com/i.match?p=b30&u=qu_UChsShAo&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288432215

Request Chain 470

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=

Request Chain 475

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/42145d48-f16a-4cf0-96a2-87ec9ed1cbee/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
https://tags.bluekai.com/site/5379?id=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

Request Chain 476

https://a.tribalfusion.com/i.match?p=b30&u=qu_UChsShAo&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185288432210

Request Chain 481

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1602890011&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1602890011&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=2685b864-446b-4ce7-906e-91c93fc73409&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My42NTYyNTA6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTI2ODViODY0LTQ0NmItNGNlNy05MDZlLTkxYzkzZmM3MzQwOQ==

Request Chain 482

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=374777289&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=374777289&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=b77cdb3a-8f0d-4766-9da0-954f2e275471&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My44MjY0MTY6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWI3N2NkYjNhLThmMGQtNDc2Ni05ZGEwLTk1NGYyZTI3NTQ3MQ==

Request Chain 483

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2134638520&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2134638520&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=237a712c-e794-4fbd-b541-1652ff72a8d1&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1Mi4zODUyNTQ6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTIzN2E3MTJjLWU3OTQtNGZiZC1iNTQxLTE2NTJmZjcyYThkMQ==

Request Chain 484

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=239700927&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=239700927&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=d17afaef-aaa4-4973-91e3-c6d0d1539e31&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My4xNzI4NTI6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWQxN2FmYWVmLWFhYTQtNDk3My05MWUzLWM2ZDBkMTUzOWUzMQ==

Request Chain 485

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=34594151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=34594151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=8e45c2e5-2edb-4ed1-95fc-bfe28c66c65e&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1Mi44Njk2Mjk6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPThlNDVjMmU1LTJlZGItNGVkMS05NWZjLWJmZTI4YzY2YzY1ZQ==

492 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request login.php Show response
www.eotimedopovo.com.br/ 128 KB
33 KB 206ms
180ms Document
text/html 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0e2aef40f6bad59a3c810e359295939c29be74da740770efebed27e8c999e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.eotimedopovo.com.br
:scheme: https
:path: /login.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 33452
server: GSE

GET
H2 200 115981500-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
37 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 13 May 2021 20:26:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 May 2021 01:10:00 GMT
server: sffe
age: 573635
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36990
x-xss-protection: 0
expires: Fri, 13 May 2022 20:26:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
655 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:17:49 GMT
server: ESF
date: Thu, 20 May 2021 11:47:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 11:47:30 GMT

GET
H3-29 200 1535467126-widget_css_2_bundle.css
www.blogger.com/static/v1/widgets/ 34 KB
34 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1535467126-widget_css_2_bundle.css

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d903176d4df72e36c554fe65598e07df6e8b0b920cd9e37ee91d96389a44791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 16:53:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Nov 2014 14:03:24 GMT
server: sffe
age: 500039
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35063
x-xss-protection: 0
expires: Sat, 14 May 2022 16:53:31 GMT

GET
H2 200 font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.2.0/css/ 21 KB
5 KB 26ms
22ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718
age: 5050335
cdn-cachedat: 2021-03-11 11:57:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3339f100004e317f315000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 3b35cfc40f6e2fec33602eb5ba4a8889
cf-ray: 652554a318dd4e31-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 56 KB
20 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 07:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275202
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19926
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 May 2022 07:20:48 GMT

GET
H2 404 0ByoCwyjwB1aDTXhnVVlxcTBadVk
googledrive.com/host/ 0
0 28ms
6ms Script
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://googledrive.com/host/0ByoCwyjwB1aDTXhnVVlxcTBadVk
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 19:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59398
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 19:17:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.1/ 91 KB
33 KB 13ms
10ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 07:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100556
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33396
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 07:51:34 GMT

GET
H2 200 Street_sport_970x90%2B%25282%2529.gif
1.bp.blogspot.com/-Zi1v9rluYSY/YImET4g51bI/AAAAAAAB9nM/iCqSIHjYXLUpHOf1z0_qgO3cgRMYo21AwCLcBGAsYHQ/s16000/ 156 KB
157 KB 67ms
34ms Image
image/gif 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Zi1v9rluYSY/YImET4g51bI/AAAAAAAB9nM/iCqSIHjYXLUpHOf1z0_qgO3cgRMYo21AwCLcBGAsYHQ/s16000/Street_sport_970x90%2B%25282%2529.gif

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ab227ebdf30bbd3a5675a22cd849325c19c009cb3d5c821495440126697530bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="Street_sport_970x90 (2).gif"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160199
x-xss-protection: 0
server: fife
etag: "v1f676"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 10 May 2021 23:18:08 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
612 B 11ms
7ms Image
image/png 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 15 May 2021 05:47:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 May 2021 12:12:59 GMT
server: sffe
age: 453599
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Sat, 22 May 2021 05:47:31 GMT

GET
H2 200 %25C3%2589%2BO%2BTIME%2BDO%2BPOVO.png
1.bp.blogspot.com/-ONKkXrrD2Kg/XuzKz9QDBEI/AAAAAAAB3R8/I858HcYJkK0mhBzZnFiBuV5bT6LuErIjACK4BGAsYHg/s1600/ 54 KB
54 KB 61ms
28ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ONKkXrrD2Kg/XuzKz9QDBEI/AAAAAAAB3R8/I858HcYJkK0mhBzZnFiBuV5bT6LuErIjACK4BGAsYHg/s1600/%25C3%2589%2BO%2BTIME%2BDO%2BPOVO.png

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0c09a6e064d23cf9cf4a9cbbb412fdaa78af9ff0d454ece8d90edb5b6b50e889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="_ O TIME DO POVO.png";filename*=UTF-8''%C3%89%20O%20TIME%20DO%20POVO.png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54986
x-xss-protection: 0
server: fife
etag: "v1dd21"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 03 May 2021 04:36:53 GMT

GET
H2 200 / Show response
www.eotimedopovo.com.br//feeds/posts/default/ 239 KB
30 KB 209ms
206ms Script
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eotimedopovo.com.br//feeds/posts/default/?orderby=published&alt=json-in-script&callback=showrecentpostswiththumbs

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

dc22f6861c419b751b500e95107c786cbf5cb2bfffd160707cb269fe4c22521d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:path: //feeds/posts/default/?orderby=published&alt=json-in-script&callback=showrecentpostswiththumbs
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.eotimedopovo.com.br
referer: https://www.eotimedopovo.com.br/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.eotimedopovo.com.br/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 11:45:02 GMT
server: blogger-renderd
etag: W/"ffd8d4da9fbb9a887a2157b829ac0479f4cfc719eb3577195e57cb8cd3cb78c1"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
content-length: 30268
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 62ms
29ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47950
x-xss-protection: 0
server: cafe
etag: 4501822382306722350
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 20 May 2021 11:47:30 GMT

GET
H2 200 cats.jpg
1.bp.blogspot.com/-Ss6LDMQGD_I/YKKC2pWUcKI/AAAAAAAB-Nw/P0xkvVLQfGYBX5e1qCVlAItCTZ1zKH0-QCLcBGAsYHQ/s72-c/ 3 KB
3 KB 49ms
17ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Ss6LDMQGD_I/YKKC2pWUcKI/AAAAAAAB-Nw/P0xkvVLQfGYBX5e1qCVlAItCTZ1zKH0-QCLcBGAsYHQ/s72-c/cats.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

09b0a6bbfe4ca9d3cbb83b7c9131eac0e206a1ccf5677a2a2b60cb40552dd0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="cats.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3156
x-xss-protection: 0
server: fife
etag: "v1f8dd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 May 2021 15:23:54 GMT

GET
H2 200 cats.jpg
1.bp.blogspot.com/-xL12UjMyWqs/YKAxgqgWVuI/AAAAAAAB9_0/PWx34vsuT-UbXKyNDJCcCE9h21-E0k1fgCLcBGAsYHQ/s72-c/ 3 KB
3 KB 64ms
31ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-xL12UjMyWqs/YKAxgqgWVuI/AAAAAAAB9_0/PWx34vsuT-UbXKyNDJCcCE9h21-E0k1fgCLcBGAsYHQ/s72-c/cats.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

43d8848280c9ee08ea34ab6cfde5f048815bcfa9249b2eb7f1f2cf3f9effb930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="cats.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3294
x-xss-protection: 0
server: fife
etag: "v1f7fe"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 16 May 2021 22:12:29 GMT

GET
H2 200 Renato%2BGa%25C3%25BAcho%2BCorinthians.jpg
1.bp.blogspot.com/-YQ-VeSjV23g/YKRGRyUBayI/AAAAAAAB-QY/aBghA8ZRJl43hFF99_Y9DfOY2x3RxHDtACLcBGAsYHQ/s72-c/ 3 KB
3 KB 59ms
27ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-YQ-VeSjV23g/YKRGRyUBayI/AAAAAAAB-QY/aBghA8ZRJl43hFF99_Y9DfOY2x3RxHDtACLcBGAsYHQ/s72-c/Renato%2BGa%25C3%25BAcho%2BCorinthians.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

580a1f41879a53e50cce789d9d9a00d031e95092e309fa6fd515bac787ac3dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:36 GMT
x-content-type-options: nosniff
age: 5154
content-disposition: inline;filename="Renato Ga_cho Corinthians.jpg";filename*=UTF-8''Renato%20Ga%C3%BAcho%20Corinthians.jpg
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3362
x-xss-protection: 0
server: fife
etag: "v1f907"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 19 May 2021 23:20:06 GMT

GET
H2 200 cats.jpg
1.bp.blogspot.com/-nspbew62EWc/YKUYP7RKgtI/AAAAAAAB-Rs/oGTX4ZZNlAgNXRJ0acJpLUwJR6zA6kOJQCLcBGAsYHQ/s72-c/ 3 KB
3 KB 59ms
27ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-nspbew62EWc/YKUYP7RKgtI/AAAAAAAB-Rs/oGTX4ZZNlAgNXRJ0acJpLUwJR6zA6kOJQCLcBGAsYHQ/s72-c/cats.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5f814e8fa453efc6c00d80a117bc0a62e9d59e1f4672931ffcd93662a5aae9be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="cats.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3096
x-xss-protection: 0
server: fife
etag: "v1f91d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 May 2021 14:15:51 GMT

GET
H3-29 200 cats.jpg
1.bp.blogspot.com/-9XDUudB7Occ/YKKd9B5m5AI/AAAAAAAB-OA/l93snO6cJC8y8ld9T2GFYN_aqQgUDWtuwCLcBGAsYHQ/s72-c/ 3 KB
4 KB 66ms
29ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-9XDUudB7Occ/YKKd9B5m5AI/AAAAAAAB-OA/l93snO6cJC8y8ld9T2GFYN_aqQgUDWtuwCLcBGAsYHQ/s72-c/cats.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

769f2d03ab40735029ce1999b9e4cecd25c7b761e720abebd1e9eebe67e933fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="cats.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3563
x-xss-protection: 0
server: fife
etag: "v1f8e1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 18 May 2021 17:07:04 GMT

GET
H3-29 200 cats.jpg
1.bp.blogspot.com/-ANa0QH9TgSM/YKT7lPHSfQI/AAAAAAAB-RY/jRuwpqzFilQsHA9MdUGAt6dmIR3EQXtfgCLcBGAsYHQ/s72-c/ 3 KB
3 KB 68ms
31ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ANa0QH9TgSM/YKT7lPHSfQI/AAAAAAAB-RY/jRuwpqzFilQsHA9MdUGAt6dmIR3EQXtfgCLcBGAsYHQ/s72-c/cats.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51ec8a9af07a659ee548048f63d5a8124be94c229f42c9c689c625229b52da06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="cats.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3496
x-xss-protection: 0
server: fife
etag: "v1f917"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 May 2021 12:13:30 GMT

GET
H3-29 200 cats.jpg
1.bp.blogspot.com/-WAQNf158jdo/YKWkZYiazwI/AAAAAAAB-S0/ObHOlhci61oBKf1htnjx0-9-Twvkfiv9ACLcBGAsYHQ/s72-c/ 3 KB
3 KB 66ms
29ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WAQNf158jdo/YKWkZYiazwI/AAAAAAAB-S0/ObHOlhci61oBKf1htnjx0-9-Twvkfiv9ACLcBGAsYHQ/s72-c/cats.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4a8ae4813a8c879c93419b0c36e3c48a12df46b3a90e4f1dfa438d6058b4919f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="cats.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3050
x-xss-protection: 0
server: fife
etag: "v1f92e"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 May 2021 23:58:15 GMT

GET
H3-29 200 cats.jpg
1.bp.blogspot.com/-Y_M2vCLkGP0/YKRcUbi3orI/AAAAAAAB-Qw/pKzszjX3Vn4_ZKPI-VxET5SP_6nmbWxxgCLcBGAsYHQ/s72-c/ 2 KB
2 KB 66ms
28ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-Y_M2vCLkGP0/YKRcUbi3orI/AAAAAAAB-Qw/pKzszjX3Vn4_ZKPI-VxET5SP_6nmbWxxgCLcBGAsYHQ/s72-c/cats.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

def6ab8798ab5146c8aa3a2329aa19a8b1246f1248173c11a58538ce0054c5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="cats.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2491
x-xss-protection: 0
server: fife
etag: "v1f90d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 May 2021 00:46:46 GMT

GET
H3-29 200 Ez5vd5CXEAQ9OjE.jpg
1.bp.blogspot.com/-kIImIaXJ2WE/YKQLWdrm8NI/AAAAAAAB-Pw/k5lhuwZlGQgkcccKe84t9TfAMPOHdDMsACLcBGAsYHQ/s72-c/ 3 KB
3 KB 65ms
28ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-kIImIaXJ2WE/YKQLWdrm8NI/AAAAAAAB-Pw/k5lhuwZlGQgkcccKe84t9TfAMPOHdDMsACLcBGAsYHQ/s72-c/Ez5vd5CXEAQ9OjE.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d62cdd589152a75cfb03d4a25e56f01f6567c4191b05841f4e8a3119cb51d3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="Ez5vd5CXEAQ9OjE.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2914
x-xss-protection: 0
server: fife
etag: "v1f8fd"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 19 May 2021 18:54:07 GMT

GET
H3-29 200 WhatsApp-Image-2021-05-17-at-7.44.01-PM.jpeg
1.bp.blogspot.com/-a_dR5tUz9Bo/YKPUGdpqg7I/AAAAAAAB-PY/qnrQgBtmpHoXpAQ3OQDgagy8YUgBiwvzgCLcBGAsYHQ/s72-c/ 3 KB
3 KB 63ms
25ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-a_dR5tUz9Bo/YKPUGdpqg7I/AAAAAAAB-PY/qnrQgBtmpHoXpAQ3OQDgagy8YUgBiwvzgCLcBGAsYHQ/s72-c/WhatsApp-Image-2021-05-17-at-7.44.01-PM.jpeg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb150bc6490c6ce800e6320e8ca958dd709e038a66aee125f2a768cca1d24436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="WhatsApp-Image-2021-05-17-at-7.44.01-PM.jpeg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3138
x-xss-protection: 0
server: fife
etag: "v1f8f7"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 19 May 2021 15:08:15 GMT

GET
H/1.1 200
OK eotimedopovo_7488.js Show response
ads.vidoomy.com/ 4 KB
4 KB 411ms
144ms Script
application/javascript 3.129.250.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.vidoomy.com/eotimedopovo_7488.js
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash: 82c7eaa6c0baa8b047f2102792953ea321dccfd5fec703a73b74109b6a9c613d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:30 GMT
Server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=300
Content-Length: 4163

GET
H3-29 200 418251-0-instagram.pngg
1.bp.blogspot.com/-zpvGYH5ubhg/WRlhZI0NhnI/AAAAAAABKNU/1LnuD3090yAyVrOaK5TcMc3pyJZeMke1ACLcB/s1600/ 5 KB
5 KB 65ms
27ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-zpvGYH5ubhg/WRlhZI0NhnI/AAAAAAABKNU/1LnuD3090yAyVrOaK5TcMc3pyJZeMke1ACLcB/s1600/418251-0-instagram.pngg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ddb17b35aa0a1e43ca7fe01c87acdeba4a316699d65d87e5f9a08fe0bae69fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="418251-0-instagram.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4801
x-xss-protection: 0
server: fife
etag: "v128d6"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 09 May 2021 21:55:01 GMT

GET
H2 200 facebook-preto-e-branco.png
2.bp.blogspot.com/-CSSkcgBasVM/WRlhYDL5fTI/AAAAAAABKNQ/_BqnirEvXxQz_hLJzMPYEr9DsMQP9RghwCLcB/s1600/ 4 KB
5 KB 59ms
28ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-CSSkcgBasVM/WRlhYDL5fTI/AAAAAAABKNQ/_BqnirEvXxQz_hLJzMPYEr9DsMQP9RghwCLcB/s1600/facebook-preto-e-branco.png

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d02db114f4715fed03653bb222f980b53b4ac200bc8586973fa80c465a4f812f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="facebook-preto-e-branco.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4277
x-xss-protection: 0
server: fife
etag: "v128d6"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 09 May 2021 22:25:49 GMT

GET
H3-29 200 twitter-logo-round.png
1.bp.blogspot.com/-dtqcKDTMetk/WRlhYFCJCHI/AAAAAAABKNM/eMfUPO98NOwrqPg6oli4gH3PRVDE17ifwCLcB/s1600/ 4 KB
4 KB 62ms
24ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-dtqcKDTMetk/WRlhYFCJCHI/AAAAAAABKNM/eMfUPO98NOwrqPg6oli4gH3PRVDE17ifwCLcB/s1600/twitter-logo-round.png

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63f01adeb450e4b95d0cf41a7bbbffe8f2d89e74b96d3cd962e1a73faa4c0cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="twitter-logo-round.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4186
x-xss-protection: 0
server: fife
etag: "v128d6"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 01 May 2021 02:39:13 GMT

GET
H2 200 youtube.png
4.bp.blogspot.com/-nqV3Lss3r9Y/WRvrswVSuUI/AAAAAAABKSw/fVkMhcawai4KkEMTdecExsnsd7Pth_kRQCLcB/s1600/ 5 KB
5 KB 34ms
13ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-nqV3Lss3r9Y/WRvrswVSuUI/AAAAAAABKSw/fVkMhcawai4KkEMTdecExsnsd7Pth_kRQCLcB/s1600/youtube.png

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e563dbcbc7c21b60675a5e8c70be5f359867cbc648b39ab952740244b23dae1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="youtube.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4783
x-xss-protection: 0
server: fife
etag: "v1292d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 09 May 2021 21:55:01 GMT

GET
H3-29 200 1.png
1.bp.blogspot.com/-DocStZuzRQo/XuzEAO8e_VI/AAAAAAAB3Q0/VB4ol4f9lrkrbgequSNUaOtNzhh8d9CfACK4BGAsYHg/s300/ 100 KB
100 KB 55ms
18ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-DocStZuzRQo/XuzEAO8e_VI/AAAAAAAB3Q0/VB4ol4f9lrkrbgequSNUaOtNzhh8d9CfACK4BGAsYHg/s300/1.png

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3450c74da5ae4511f7ad644c413d288a58004e65feec48af3f557c5529697069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:35 GMT
x-content-type-options: nosniff
age: 5155
content-disposition: inline;filename="1.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102777
x-xss-protection: 0
server: fife
etag: "v1dd0f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 03 May 2021 18:48:56 GMT

GET
H2 403 plusone.js
apis.google.com/js/ 0
0 461ms
438ms Script
text/html 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/plusone.js
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 EGzdj_SIyVVQzdHc_RDUIHuOdwGTnT-XQmetoABhO8l6-8M_fWs5JW2y7AesNRkWio2y2XffIpihgc8e4E-h4wqtnuLwgBzjV290U_FpZt4P7SAeJx3UQfAG6KS0EsQj6_rkTy3HQZLZIpcfOQ=s0-d
lh4.googleusercontent.com/proxy/ 0
0 46ms
23ms Font
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh4.googleusercontent.com/proxy/EGzdj_SIyVVQzdHc_RDUIHuOdwGTnT-XQmetoABhO8l6-8M_fWs5JW2y7AesNRkWio2y2XffIpihgc8e4E-h4wqtnuLwgBzjV290U_FpZt4P7SAeJx3UQfAG6KS0EsQj6_rkTy3HQZLZIpcfOQ=s0-d

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.eotimedopovo.com.br
Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1718
x-xss-protection: 0

GET
H3-29 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 32ms
17ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 09:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94620
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 May 2022 09:30:30 GMT

GET
H2 200 show.js Show response
cdn.simpleads.com.br/v2/s372751/p1310549/ 5 KB
3 KB 49ms
7ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.simpleads.com.br/v2/s372751/p1310549/show.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),

Reverse DNS

Software

keycdn-engine / Express

Resource Hash

0938d24970f9a46f8846edf91d9a35b993b52c2c818bf075dab439563fc0f0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edge-location: defr
x-powered-by: Express
x-cache: HIT
x-shield: active
server: keycdn-engine
x-frame-options: DENY
etag: W/"25f4-bDJRdSCLury/BCh+iztIyP0AFds"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
link: <https://tagservice.simpleads.com.br/v2/s372751/p1310549/show.js>; rel="canonical"
expires: Thu, 20 May 2021 12:47:30 GMT

GET
H2 200 cookienotice.js Show response
www.eotimedopovo.com.br/js/ 6 KB
2 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:831::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eotimedopovo.com.br/js/cookienotice.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:path: /js/cookienotice.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.eotimedopovo.com.br
referer: https://www.eotimedopovo.com.br/login.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.eotimedopovo.com.br/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 11:09:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Thu, 27 May 2021 11:47:30 GMT

GET
H3-29 200 3464975383-widgets.js Show response
www.blogger.com/static/v1/widgets/ 145 KB
145 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3464975383-widgets.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d5bc71bfcac17012ba397dfded0ecfdc21ceeb32d4186291e4cb43b8e4351b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:10:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 18:58:04 GMT
server: sffe
age: 121037
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148163
x-xss-protection: 0
expires: Thu, 19 May 2022 02:10:13 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/timaodopovo/ 256 KB
27 KB 69ms
17ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fcb7fab78b1002ea0d6a251db92a8547846d27aaa5462d51c363e0c9e5929dc

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: DRkjvbgqHSqPFfrCjmu7PifTkpl7Yik_
content-encoding: gzip
etag: "51c79bea0e9c955454161318758733b4"
age: 284
x-cache: HIT
content-length: 27654
x-amz-id-2: esBraiOUksncQSZ4NTzv66MCDzXdP9AMVQ0ZPRk1XkWuxmarQQv+ivmqTAM2Mmo4GXMtSAkfQsM=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 20 May 2021 11:01:14 GMT
server: AmazonS3
x-timer: S1621511251.538278,VS0,VE0
date: Thu, 20 May 2021 11:47:30 GMT
vary: Accept-Encoding
x-amz-request-id: GC5H2TQ2C5KRX4TW
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 53
x-cache-hits: 2

GET post-widget.js
s.po.st/static/v4/ 0
0

GET
H2 200 denakop.js Show response
v3.denakop.com/ 51 KB
15 KB 55ms
19ms Script
application/javascript 2606:4700:10::6816:5a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/denakop.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a05de7c3de0c9029a963830574fff9cc4a44e93f985d2f1aa2e680f211220af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1526
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b333a5800004ab6cfa41000000001
last-modified: Wed, 28 Apr 2021 18:55:39 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6089afab-cdf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 652554a3cfd94ab6-FRA
cf-bgj: minify

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 618ms
600ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1596090506057536954&zx=26c89e52-bd65-402f-9c1c-913328e71acd

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 11:47:31 GMT
server: GSE
date: Thu, 20 May 2021 11:47:31 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 22ms
5ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1054
date: Thu, 20 May 2021 11:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 20 May 2021 13:29:56 GMT

GET
H2 200 all.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af50123da38c80e4e0737f8316c4bcd4d68e0cbd2530f1e6fbbce7d4f78c32ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VHrxxrpWKRKOIdD9AD+IOQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 20 May 2021 12:01:03 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1777
x-fb-rlafr: 0
x-fb-debug: j5YB5NRckd+uFkpc0+59NCWAbHJJmcsWRJycAZ7Kpi9od7rdMQohaOWqIJQMjRbWSNX6X6+YzUwx2+Sso3BkSg==
x-fb-trip-id: 917726464
x-fb-content-md5: cb85bfd57f14ab3da06d18ef90abc4ba
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 20 May 2021 11:47:30 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "d0742cefd70a11be2df92b4d9a9c2e5b"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 15 KB
15 KB 15ms
1ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.eotimedopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 12:25:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
age: 516111
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
expires: Sat, 14 May 2022 12:25:39 GMT

GET
H/1.1 200
OK 1347217 Show response
ad.a-ads.com/ Frame 28C2 6 KB
2 KB 85ms
34ms Document
text/html 176.9.125.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1347217?size=728x90

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.125.9.176.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

b06bd7068003e4ef13d5a5b05cae66e683bcb6ed0d4353cd007c512d515ae70a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eotimedopovo.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 11:47:30 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://www.eotimedopovo.com.br/
Content-Encoding: gzip

GET
H3-29 200 all.js Show response
connect.facebook.net/pt_BR/ 215 KB
64 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/all.js?hash=4a0d95594f6bee9cdee2ea3c6cbf7059&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df7364a2023a3a39a1a85b0d626a358be73a6b0d4fe3267df12d560ada39d12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.eotimedopovo.com.br
Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ktXgJ41gz/veK9afs83GLQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 65061
x-fb-rlafr: 0
x-fb-debug: AQk23Q++hzJIrdcV4qYRw0GXdSRRRhulm/LXXSjyOLPST5wwAZsyZ5k+5ckwHDKb+CPvaDuW6yymEOlFBRjILg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d79bb826b13bec2816cc758c97adf594
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 20 May 2021 11:47:30 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "97b0ac8b0d032ec443d723bde5fa8f05"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 20 May 2022 10:29:54 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=935990782&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=574871254&gjid=1180087207&cid=1000485672.1621511251&tid=UA-37184521-1&_gid=1934913654.1621511251&_r=1&_slc=1&z=2018684606

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 81ms
26ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

84b8f881c32a27e38a867f814dcbed62b53cba436db5af8f6e6996a7dbc72129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "877 / 607 of 1000 / last-modified: 1621509323"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21338
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:30 GMT

GET
H3-29 200 prebid.js Show response
v3.denakop.com/ 193 KB
58 KB 50ms
38ms Script
application/javascript 2606:4700:10::6816:5a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/prebid.js

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1654
cf-polished: origSize=197617
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b333ab60000d6ddb78ec000000001
last-modified: Wed, 12 May 2021 13:06:05 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"609bd2bd-303f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 652554a45d19d6dd-FRA
cf-bgj: minify

GET
H3-29 200 eotimedopovo.com.br Show response
v3.denakop.com/ad-request/10491/desktop/ 227 B
600 B 471ms
460ms Script
application/javascript 2606:4700:10::6816:5a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.denakop.com/ad-request/10491/desktop/eotimedopovo.com.br

Requested by

Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:5a5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5905f0efb119491a6d8f8b0c16404bfd13cc2a0e503cd3d59adb2fccbd7497ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.eotimedopovo.com.br
Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: private, max-age=1800
access-control-allow-credentials: true
cf-ray: 652554a45d15d6dd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b333ab60000d6ddb70f6000000001

GET
H2 200 profiles.js Show response
d.tailtarget.com/ Frame 85B2 13 KB
6 KB 52ms
12ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/profiles.js
Requested by: Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 16:12:15 GMT
content-encoding: gzip
age: 70515
x-guploader-uploadid: ABg5-UzY_SGzdl0AaGEhOzg5Tzaqj5_O30cUTqTTAOAVcQysydspRzjUDyBIDv0FgkOzpMtzrUS_VNJHV5OtTcDNGQk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5285
last-modified: Mon, 19 Apr 2021 15:43:34 GMT
server: UploadServer
etag: "603f25fd36318626ab410174bd3e1cd3"
x-goog-hash: crc32c=QOm0Sg==, md5=YD8l/TYxhiarQQF0vT4c0w==
content-language: en
x-goog-generation: 1618847014064238
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 5285
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 20 May 2021 16:12:15 GMT

GET
H2 200 impl.20210520-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 491 KB
113 KB 28ms
21ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210520-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 986007c6e5ee35ac075b04c5eb0a766f9d5d744acb8f9e55122fd5aec690d94c

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nRv7kaSu.jFsYmfRc9Y0WguRov_K62vI
content-encoding: br
etag: "199965e0ca4e9a0d105c520257461a50"
age: 11882
x-cache: HIT
content-length: 114965
x-amz-id-2: MzJ9428KZkTpy7UFMhB5JoClgd6BrFLswE5uYMc523y7N39tEvgqYbL8CvuuPYWgsiIvbrURLKo=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 20 May 2021 08:28:07 GMT
server: AmazonS3-br
x-timer: S1621511251.662015,VS0,VE0
date: Thu, 20 May 2021 11:47:30 GMT
vary: Accept-Encoding
x-amz-request-id: Q4CTJ2XMJAB60X2D
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 90
x-cache-hits: 36627

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 76ms
23ms Script
application/javascript 143.204.202.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-38.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:36:47 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 643
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: 6xqPgJwuh3dXZop8pe6zYU3qasz4lsmk8uJVcpFcy2Cp0Bv5vbbrqw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
94 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-37184521-1&cid=1000485672.1621511251&jid=574871254&gjid=1180087207&_gid=1934913654.1621511251&_u=IEBAAEAAAAAAAC~&z=876653216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 May 2021 11:47:30 GMT
content-type: text/plain
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 31ms
24ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1000485672.1621511251&jid=574871254&_u=IEBAAEAAAAAAAC~&z=1056846489

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 21ms
16ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1000485672.1621511251&jid=574871254&_u=IEBAAEAAAAAAAC~&z=1056846489

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Renato.jpg
1.bp.blogspot.com/-vR1WktU-Z3o/YKZKdRYycAI/AAAAAAAB-TU/FfcYrK8rFoIkwHv9BhNjAjxeo-d8YaFCACLcBGAsYHQ/s72-c/ 3 KB
3 KB 24ms
19ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-vR1WktU-Z3o/YKZKdRYycAI/AAAAAAAB-TU/FfcYrK8rFoIkwHv9BhNjAjxeo-d8YaFCACLcBGAsYHQ/s72-c/Renato.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f7d30cf07998d5d7873869f69199d740f49e01fb0e1a1cf1976c7809913b3a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
x-content-type-options: nosniff
server: fife
etag: "v1f936"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Renato.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3383
x-xss-protection: 0
expires: Fri, 21 May 2021 11:47:30 GMT

GET
H3-29 200 page.jpg
1.bp.blogspot.com/-7cLz4gKaKbA/YKXJg3q20aI/AAAAAAAB-TE/GJ8SbjGbJ10EUsFG02T9oBXXTxDwxA0lQCLcBGAsYHQ/s72-c/ 4 KB
4 KB 12ms
8ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-7cLz4gKaKbA/YKXJg3q20aI/AAAAAAAB-TE/GJ8SbjGbJ10EUsFG02T9oBXXTxDwxA0lQCLcBGAsYHQ/s72-c/page.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

51b3c9d9127d7428daf3ca21e9144df48a301a63b5f71c64814bb2a1889926ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:37 GMT
x-content-type-options: nosniff
age: 5153
content-disposition: inline;filename="page.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3813
x-xss-protection: 0
server: fife
etag: "v1f932"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 21 May 2021 03:22:25 GMT

GET
H3-29 200 Gil.jpg
1.bp.blogspot.com/-St4hv0Q_K-Y/YKWnCxeBmTI/AAAAAAAB-S8/cj1KtBDctCg39leqQLw7iVytStOtZf8mwCLcBGAsYHQ/s72-c/ 3 KB
3 KB 13ms
10ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-St4hv0Q_K-Y/YKWnCxeBmTI/AAAAAAAB-S8/cj1KtBDctCg39leqQLw7iVytStOtZf8mwCLcBGAsYHQ/s72-c/Gil.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

424bb50312a7bda2ea46dae4fdfa96d7da5aaf8ed4ff67f6f9dad505adafcf41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:37 GMT
x-content-type-options: nosniff
age: 5153
content-disposition: inline;filename="Gil.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3235
x-xss-protection: 0
server: fife
etag: "v1f930"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 21 May 2021 00:06:54 GMT

GET
H3-29 200 35064a68d36ed2e2227fda24486e246f.jpg
1.bp.blogspot.com/-UnJa3OfvBLI/YKVa0K88xeI/AAAAAAAB-Ss/jnQerW7LKQg2Vbn9j-Qx8EXUchlID4KhgCLcBGAsYHQ/s72-c/ 3 KB
3 KB 13ms
11ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UnJa3OfvBLI/YKVa0K88xeI/AAAAAAAB-Ss/jnQerW7LKQg2Vbn9j-Qx8EXUchlID4KhgCLcBGAsYHQ/s72-c/35064a68d36ed2e2227fda24486e246f.jpg

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b740fc33c320c32f37ac69c8a49e3c8822ce660678814520069a3e7923c00e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 10:21:37 GMT
x-content-type-options: nosniff
age: 5153
content-disposition: inline;filename="35064a68d36ed2e2227fda24486e246f.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3464
x-xss-protection: 0
server: fife
etag: "v1f92c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 20 May 2021 19:20:38 GMT

GET
H/1.1 200
OK 831975 Show response
ad.a-ads.com/ Frame 22C1 7 KB
2 KB 47ms
46ms Document
text/html 176.9.125.108
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/831975?size=300x250

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

176.9.125.108 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.108.125.9.176.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

dcfb44cae0148f8bdd3d5aeddd31810857710ba248d1205bb1e45e4d69e0d063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eotimedopovo.com.br/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 20 May 2021 11:47:30 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://www.eotimedopovo.com.br/
Content-Encoding: gzip

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 56ms
39ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=183907278420228&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=4a0d95594f6bee9cdee2ea3c6cbf7059&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: psxK3GfvVzx3MSOQM0TB7t2lBsqVn3CCysUIaqyRWX8Ta6tfuz6tewYmgeUONOtsweAnkxQwiwMxI33vEp0lPw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 May 2021 11:47:30 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 231 KB
85 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87252
x-xss-protection: 0
server: cafe
etag: 5322897297824761394
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 May 2021 11:47:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 47FF 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210517/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eotimedopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 19 May 2021 22:33:52 GMT
expires: Wed, 02 Jun 2021 22:33:52 GMT
content-type: text/html; charset=UTF-8
etag: 15349191498103243965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4506
x-xss-protection: 0
age: 47618
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 loader.js Show response
config.seedtag.com/ 39 KB
12 KB 59ms
30ms Script
application/javascript 104.18.135.145
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://config.seedtag.com/loader.js?v=0.8138939261823941
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.135.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28e7c5883213aac2724862e788fa2c79bcebc5708d2bbccc44ee0206bd54d484

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 16321
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b333b68000023553c8c8000000001
last-modified: Wed, 19 May 2021 07:14:51 GMT
server: cloudflare
etag: W/"5aa24f8cf305e38e0d340b3cf5ba438f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 652554a57a812355-ZRH
expires: Thu, 20 May 2021 12:07:30 GMT

GET
H2 200 66a78650063d5b194b4c717f4f0d420b.min.js Show response
clevernt.com/scripts/ 120 KB
48 KB 40ms
23ms Script
text/javascript 2606:4700:20::681a:a75
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://clevernt.com/scripts/66a78650063d5b194b4c717f4f0d420b.min.js?20200512=1621511250759
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe61ec8a3efdcd039ec02f99bf9a0a66e1c2ef4831a8e45d12cb4c736709a8d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 58
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: YPJTW8JD0KSNRWQ3
x-amz-id-2: cLjH+hZdvqfnHeImPsEFvSsrMK0EdNCexAO6hvPZSXCw5ybcrk+HeMAw2NAaO72ybFHT9+VxujE=
last-modified: Thu, 20 May 2021 06:50:25 GMT
server: cloudflare
etag: W/"bba73e1d78477e2727d4be3d24a882dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F8cz%2BPn3TqKipkfJUdcU42Qhe0zyIQz6RjuqZEF1azPe%2BGp1eoD20DH4NucGlqQrzm%2FtzfE73gXhIQ67%2FKfVfnV92nAYeA20XHKsWbluDxF4kfVFT0i96Zg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-request-id: 0a2b333b580000177ae81f3000000001
cf-ray: 652554a55a34177a-FRA

GET
H2 200 profile Show response
d.t.tailtarget.com/ Frame 85B2 92 B
268 B 149ms
114ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.t.tailtarget.com/profile
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
via: 1.1 google
cache-control: max-age=3600
alt-svc: clear
expires: Thu, 20 May 2021 12:47:30 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=935990782&t=pageview&_s=2&dl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1000485672.1621511251&tid=UA-37184521-1&_gid=1934913654.1621511251&z=157457249

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 10:15:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5492
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HiZ8OQj6u20 Show response
www.youtube.com/embed/ Frame 931E 52 KB
22 KB 50ms
50ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17802de0e3b1f61a23b67667f91e5eafe7440c4f4bff0d53b40dee5c2e1c4156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eotimedopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 May 2021 11:47:30 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ey5uCATUlnE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=K1-6WyDq7hc; Domain=.youtube.com; Expires=Tue, 16-Nov-2021 11:47:30 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+039; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 PqJe0OuJSMI Show response
www.youtube.com/embed/ Frame C7A9 51 KB
22 KB 64ms
63ms Document
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5366b35dd9b34d83a67c49c44700cba3261bd6464fdf9858076d9ebd2b5b11e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eotimedopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 20 May 2021 11:47:30 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=X1FdlN8QKhQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=zIz8dXeNzUo; Domain=.youtube.com; Expires=Tue, 16-Nov-2021 11:47:30 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+982; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 stories-vertical-ui.20210520-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 585 B
716 B 18ms
17ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/stories-vertical-ui.20210520-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eb8abd21cd55dccbf594f924fc021a47ad55572e0f621d5cb3fd587e9f668f8

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: h2LnXsN1MEUIgc.BGm.TF4zswzpOi_My
content-encoding: gzip
etag: "938a8cab946323c5b078805ed527becd"
age: 2737
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 316
x-amz-id-2: SXoyK40cUUafPFOOId27Gc8qOCLBOKTMV+vTHIty5JZgbZvUV2qmKRjwMc6OgXhWyp7UZRUEoM4=
x-served-by: cache-hhn11529-HHN
last-modified: Thu, 20 May 2021 11:01:52 GMT
server: AmazonS3
x-timer: S1621511251.840061,VS0,VE0
date: Thu, 20 May 2021 11:47:30 GMT
vary: Accept-Encoding
x-amz-request-id: 2DDXQ92MDFRK4PB5
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 90
x-cache-hits: 39063

GET
H3-29 200 pubads_impl_2021051901.js Show response
securepubads.g.doubleclick.net/gpt/ 310 KB
109 KB 50ms
25ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

6ac5dc61ad3c547afd1e7eb3594daecd75ab2eda5e53a15c5fb52bb2c60ddd13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 08:40:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111403
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:30 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1621511250861&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Cori...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511250861&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Cor...

64 B
330 B

25ms
24ms

Image
image/gif

143.204.202.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511250861&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&c9=
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-38.fra53.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:30 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: ao_xNnL9vzCDFn7S8hdipJR3m3LH-EULWVOgiFgXtLYBz2m8sVjRBQ==

Redirect headers

date: Thu, 20 May 2021 11:47:30 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511250861&ns_c=UTF-8&cv=3.5&c8=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&c9=
content-length: 284
x-amz-cf-id: VBQ2voftykjr9aU5N8uqcMTZXraMHpajyRpSo4wu0kzGk16UShnSMA==

GET
H2 200 docallbackinfoba35170063eb4f40ba16982140709b47.js Show response
ui.clevernt.com/ 694 B
1017 B 238ms
64ms Script
text/javascript 148.69.64.109
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.clevernt.com/docallbackinfoba35170063eb4f40ba16982140709b47.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),

Reverse DNS

host-109.clevernetwork.pt

Software

nginx /

Resource Hash

03c88eb5696a03dcaefb0b43e22fbdd56dffc0d53532c7974b21f49a23871d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=15768000
expires: Thu, 20 May 2021 12:47:31 GMT

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 5292 118 KB
35 KB 166ms
19ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1621511251.cds151.fr8.hn,1621511251.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H2 200 formats.js Show response
ad.lkqd.net/vpaid/ Frame 10C1 118 KB
35 KB 171ms
36ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/formats.js
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
etag: "286704660baa2c113268f28385080796"
x-hw: 1621511251.cds151.fr8.hn,1621511251.cds289.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 35765

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ 43 B
599 B 170ms
31ms Image
image/gif 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:31 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1621511251039034-413
Expires: Thu, 20 May 2021 11:47:31 GMT

GET
H3-29 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
93 B 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 07:42:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Jun 2021 07:42:42 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=935990782&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABAAAAAC~&jid=152461064&gjid=1818185365&cid=1000485672.1621511251&tid=UA-37184521-1&_gid=1934913654.1621511251&_r=1&z=1738394483

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 08:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13266
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 May 2022 08:06:24 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

656178f80f84a0d02f39eb8389c3a4fed4368b97f4fce6e99d05d856c9e89ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 99R/7vMikKrgDnak8wfqDQ==
cross-origin-resource-policy: cross-origin
expires: Thu, 20 May 2021 11:50:21 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: L3jIPqhkOLXv5+u4HdvB5KIy56ZQtZbdfHwHsx/2Na860P4pXrYPwQHXpp/A3/1NDH1fgW2xVcSFsJlaipU6sA==
x-fb-content-md5: 933f1b75809e84424c018f68a9cc965c
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 20 May 2021 11:47:30 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6eacecd8f67c45dd1f1e44785f3e76d2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

cookie Show response
a.vidoomy.com/api/rtbserver/ Frame F045
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348

43 B
334 B

70ms
20ms

Document
image/gif

54.93.84.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.84.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-84-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method: GET
:authority: a.vidoomy.com
:scheme: https
:path: /api/rtbserver/cookie?i=CEN&uid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eotimedopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-type: image/gif
content-length: 43
content-encoding: none
set-cookie: vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiIwMTdjZWM3Ni01OGYyLTQ3YzMtYTI0Yy0yYjYyNzIxMGFhYTEtNjBhNjRjNTMtNDM0OCIsImV4cGlyZXMiOjE2MjQxMDMyNTF9fX0=; Path=/; Domain=vidoomy.com; Expires=Fri, 20 May 2022 11:47:31 GMT; Secure; SameSite=None
vary: Origin

Redirect headers

date: Thu, 20 May 2021 11:47:31 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1621511251320;Expires=Mon, 19 Jul 2021 11:47:31 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=6b782152-cdf4-4cd3-a210-77956dd30498;Expires=Mon, 19 Jul 2021 11:47:31 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_3WAY_SYNCS=;Expires=Mon, 19 Jul 2021 11:47:31 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348
content-length: 0
server: Jetty(9.4.36.v20210114)
via: 1.1 google
alt-svc: clear

GET
H2

200

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&user_id=24426744.017631784174898596.74708521
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=24426744.017631784174898596.74708521
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3Dc75114ef-7e43-4254-a1fd-f3076364f65...
https://x.bidswitch.net/sync?dsp_id=80&user_id=b06d60a6-4c53-4100-b320-a4e0416ef324&expires=30&ssp=vidoomy&bsw_param=c75114ef-7e43-4254-a1fd-f3076364f650&gdpr=&gdpr_consent=
https://rtb.vidoomy.com/cookie/?exchange_cookie=c75114ef-7e43-4254-a1fd-f3076364f650&exchange_name=BSW
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c75114ef-7e43-4254-a1fd-f3076364f650

43 B
413 B

32ms
30ms

Image
image/gif

54.93.84.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c75114ef-7e43-4254-a1fd-f3076364f650
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.84.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-84-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:32 GMT
content-encoding: none
content-length: 43
vary: Origin
content-type: image/gif

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=c75114ef-7e43-4254-a1fd-f3076364f650
date: Thu, 20 May 2021 11:47:32 GMT
cache-control: no-cache, private
server: nginx/1.19.0
x-powered-by: PHP/7.4.5
content-type: text/html; charset=UTF-8

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
444 B 27ms
25ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.eotimedopovo.com.br&callback=_gfp_s_&client=ca-pub-6682610916885114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

cb5555c8a50b04289f393b2e30e222a650de72d3904705884870ff3713d9ed4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&tn=DIV&id=oopss&ign=false

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 42ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.eotimedopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 41ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.eotimedopovo.com.br

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1AE1 25 KB
1 KB 129ms
128ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&adk=1812271804&adf=3025194257&lmt=1621511251&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511250757&bpp=2&bdt=441&idt=289&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8444465050750&frm=20&pv=2&ga_vid=1000485672.1621511251&ga_sid=1621511251&ga_hid=935990782&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=587487176775854&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=320

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841c0859b5572d958f433f18a584bc19eac3563e0dcf59f063c989a2c0038fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&adk=1812271804&adf=3025194257&lmt=1621511251&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511250757&bpp=2&bdt=441&idt=289&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8444465050750&frm=20&pv=2&ga_vid=1000485672.1621511251&ga_sid=1621511251&ga_hid=935990782&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=587487176775854&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=320
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eotimedopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 20 May 2021 11:47:31 GMT
server: cafe
content-length: 1432
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 20-May-2021 12:02:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 20 May 2021 11:47:31 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1621424113157718"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:31 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/fba90263/ Frame 931E 359 KB
45 KB 17ms
10ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118359
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46235
x-xss-protection: 0
expires: Thu, 19 May 2022 02:54:52 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/fba90263/www-embed-player.vflset/ Frame 931E 191 KB
63 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118359
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64431
x-xss-protection: 0
expires: Thu, 19 May 2022 02:54:52 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame 931E 2 MB
465 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118308
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476171
x-xss-protection: 0
expires: Thu, 19 May 2022 02:55:43 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/ Frame 931E 8 KB
8 KB 36ms
30ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:54:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118364
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Thu, 19 May 2022 02:54:47 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 931E 15 KB
15 KB 20ms
16ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 136891
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 18 May 2022 21:46:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 32ms
17ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-37184521-1&cid=1000485672.1621511251&jid=152461064&gjid=1818185365&_gid=1934913654.1621511251&_u=KEDAAEABAAAAAC~&z=1444146790

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 20 May 2021 11:47:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/fba90263/ Frame C7A9 359 KB
45 KB 11ms
6ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118359
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46235
x-xss-protection: 0
expires: Thu, 19 May 2022 02:54:52 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/fba90263/www-embed-player.vflset/ Frame C7A9 191 KB
63 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:54:52 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118359
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64431
x-xss-protection: 0
expires: Thu, 19 May 2022 02:54:52 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame C7A9 2 MB
465 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118308
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476171
x-xss-protection: 0
expires: Thu, 19 May 2022 02:55:43 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/ Frame C7A9 8 KB
8 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:54:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118364
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8543
x-xss-protection: 0
expires: Thu, 19 May 2022 02:54:47 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C7A9 15 KB
15 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 136891
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 18 May 2022 21:46:00 GMT

GET
H3-29 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 112ms
109ms Stylesheet
text/css 2a00:1450:4001:809::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1596090506057536954&zx=26c89e52-bd65-402f-9c1c-913328e71acd

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 11:47:31 GMT
server: GSE
date: Thu, 20 May 2021 11:47:31 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 16C1 4 KB
2 KB 24ms
18ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511251.cds151.fr8.hn,1621511251.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 354ms
113ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=47220158&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e930e2b6d8e6e7ea71a7ffe12a463062681a29bf2dee558836678be5b9c86a4c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1377

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
482 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:500&subset=latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c16739b2471c717348631363c3a7fe6a49c381d846696168e6945a0f96781df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 20 May 2021 11:46:58 GMT
server: ESF
date: Thu, 20 May 2021 11:47:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 May 2021 11:47:31 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1000485672.1621511251&jid=152461064&_u=KEDAAEABAAAAAC~&z=1519779265

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1000485672.1621511251&jid=152461064&_u=KEDAAEABAAAAAC~&z=1519779265

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame EE23 4 KB
2 KB 19ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511251.cds151.fr8.hn,1621511251.cds226.fr8.c
access-control-allow-origin: *

GET
H2 200 ad Show response
v.lkqd.net/ Frame 10C1 180 B
496 B 332ms
112ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092911&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=98896548&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 150

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 931E 113 B
161 B 16ms
16ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1748aa0a0c5f30609118298e5e606f8cefb1a7be1452688311ff3e723f234c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 931E 29 B
91 B 9ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:33:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 831
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 20 May 2021 11:48:40 GMT

GET
H3-29 200 4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 29 KB
29 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:500&subset=latin

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.eotimedopovo.com.br
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 21:11:52 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:34 GMT
server: sffe
age: 138939
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29864
x-xss-protection: 0
expires: Wed, 18 May 2022 21:11:52 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame 931E 98 KB
30 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:55:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118307
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30864
x-xss-protection: 0
expires: Thu, 19 May 2022 02:55:44 GMT

GET
H3-29 200 AUGvlSuEtHOcWRQLUt13huJM0vW_5kL1XylCO744oBE.js Show response
www.google.com/js/th/ Frame 931E 35 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/AUGvlSuEtHOcWRQLUt13huJM0vW_5kL1XylCO744oBE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0141af952b84b4739c59140b52dd7786e24cd2f5bfe642f55f29423bbe38a011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 22:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 11:00:00 GMT
server: sffe
age: 135703
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13218
x-xss-protection: 0
expires: Wed, 18 May 2022 22:05:48 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame 931E 25 KB
25 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:56:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118285
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25226
x-xss-protection: 0
expires: Thu, 19 May 2022 02:56:06 GMT

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame C7A9 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99f3cfb4284c9ec32399e76f66a59f6b3f933a7ca3c82186ba1c9ff94f29f93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame C7A9 29 B
52 B 21ms
6ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:33:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 831
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Thu, 20 May 2021 11:48:40 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 331ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST t
t.lkqd.net/ Frame 1473 0
0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 323ms
110ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:31 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 93B4 0
170 B 2348ms
2111ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame AC78 230 KB
61 KB 22ms
22ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511251.cds151.fr8.hn,1621511251.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame C7A9 98 KB
30 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:55:44 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118307
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30864
x-xss-protection: 0
expires: Thu, 19 May 2022 02:55:44 GMT

GET
H3-29 200 AUGvlSuEtHOcWRQLUt13huJM0vW_5kL1XylCO744oBE.js Show response
www.google.com/js/th/ Frame C7A9 35 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/AUGvlSuEtHOcWRQLUt13huJM0vW_5kL1XylCO744oBE.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0141af952b84b4739c59140b52dd7786e24cd2f5bfe642f55f29423bbe38a011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 22:05:48 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 11:00:00 GMT
server: sffe
age: 135703
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13218
x-xss-protection: 0
expires: Wed, 18 May 2022 22:05:48 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame C7A9 25 KB
25 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 02:56:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 19 May 2021 01:59:33 GMT
server: sffe
age: 118285
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25226
x-xss-protection: 0
expires: Thu, 19 May 2022 02:56:06 GMT

GET
H2

451

464986.gif
idsync.rlcdn.com/ Frame 16C1
Redirect Chain

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U

0
66 B

54ms
25ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:32 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 20 May 2021 11:47:31 GMT
server: nginx
location: https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 16C1
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=vmtdWv1uu2U&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=302f0ca6-1b01-4196-bf8c-80753633913a

43 B
402 B

109ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=302f0ca6-1b01-4196-bf8c-80753633913a
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:34 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=302f0ca6-1b01-4196-bf8c-80753633913a
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame 16C1
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U

43 B
284 B

120ms
43ms

Image
image/gif

52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:32 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:31 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 16C1
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2457259372858366305

43 B
390 B

151ms
117ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2457259372858366305
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2457259372858366305
pragma: no-cache
date: Thu, 20 May 2021 11:47:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame 16C1
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=0N6m9HVaS19_qSZpuPpXviV4iZQ

43 B
397 B

119ms
118ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=0N6m9HVaS19_qSZpuPpXviV4iZQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=0N6m9HVaS19_qSZpuPpXviV4iZQ
Date: Thu, 20 May 2021 11:47:32 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

451

464986.gif
idsync.rlcdn.com/ Frame EE23
Redirect Chain

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U

0
42 B

54ms
26ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:32 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 20 May 2021 11:47:31 GMT
server: nginx
location: https://idsync.rlcdn.com/464986.gif?partner_uid=vmtdWv1uu2U
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame EE23
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=vmtdWv1uu2U&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=53527e69-d119-4164-8cbc-0aee8d6f033d

43 B
402 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=53527e69-d119-4164-8cbc-0aee8d6f033d
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:34 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=53527e69-d119-4164-8cbc-0aee8d6f033d
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame EE23
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U

43 B
285 B

118ms
42ms

Image
image/gif

52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:32 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:31 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=vmtdWv1uu2U
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame EE23
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2529316966896294241

43 B
389 B

143ms
109ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2529316966896294241
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2529316966896294241
pragma: no-cache
date: Thu, 20 May 2021 11:47:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame EE23
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=IG1K94RoRx5Wj-Q7wXbeUiV4iZQ

43 B
398 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=IG1K94RoRx5Wj-Q7wXbeUiV4iZQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=IG1K94RoRx5Wj-Q7wXbeUiV4iZQ
Date: Thu, 20 May 2021 11:47:32 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 931E 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:31 GMT

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame B3B7 4 KB
2 KB 33ms
33ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: lkqdidts=1621511251; lkqdid=vmtdWv1uu2U
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511251.cds151.fr8.hn,1621511251.cds226.fr8.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 465ms
245ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=47220158&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:32 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame AC78 86 KB
8 KB 2072ms
2072ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=47220158&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 08136efb9006ad2902c3aa4929c29505257d51ba3b1b539fbb548a9b8622d52a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:32 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6433

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 generate_204
www.youtube.com/ Frame 931E 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?OZfmmQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C7A9 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:31 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame C7A9 0
9 B 10ms
9ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?t_iGgw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:31 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame 2A98 0
171 B 2113ms
2111ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 119ms
119ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:32 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H2

200

cs
cs.lkqd.net/ Frame B3B7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ

43 B
398 B

2104ms
2104ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ
Date: Thu, 20 May 2021 11:47:32 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame B3B7
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e

43 B
403 B

2074ms
2073ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:32 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e
date: Thu, 20 May 2021 11:47:32 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame B3B7 42 B
614 B 143ms
32ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:32 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

400

cs
cs.lkqd.net/ Frame B3B7
Redirect Chain

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
https://a.tribalfusion.com/i.match?p=b30&u=vmtdWv1uu2U&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b30&u=vmtdWv1uu2U&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185289981349

0
237 B

1836ms
1836ms

Image
text/plain

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185289981349
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:32 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 652554af18e22c4e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185289981349
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b33416d00002c4e10a69000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame B3B7 43 B
430 B 180ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:32 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 931E 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
X-YouTube-Client-Version: 1.20210517.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtLMS02V3lEcTdoYyjSmJmFBg%3D%3D
X-YouTube-Ad-Signals: dt=1621511251310&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoE_RPHzbRlghVW2laIJjhewHZO7pgw_KldKsX7Nkng5mKNfcfDjOFFiIrRF2QWwgC9QxRnqET2lJZ-dFcM6dXEoenqBw

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:34 GMT

POST
H3-29 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame C7A9 28 B
54 B 20ms
19ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
X-YouTube-Client-Version: 1.20210517.1.1
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt6SXo4ZFhlTnpVbyjSmJmFBg%3D%3D
X-YouTube-Ad-Signals: dt=1621511251485&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKpRQnHrEZOHOHUtHpwHw_V-HtZfdumU9p5vqG6noaAUeGUTZyFU6CR5ZUxNz7NyzWhKGN8m2bijL45ec5v6MyWJkoo7ow

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:34 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e

43 B
404 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_59c74759-fe0d-4e07-af06-da959dcfd51e
date: Thu, 20 May 2021 11:47:34 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
alt-svc: clear
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ

43 B
398 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Z1MikquaSANsQQbyoLH5PSV4iZQ
Date: Thu, 20 May 2021 11:47:34 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame AC78 0
88 B 456ms
121ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://sync.1rx.io/usersync2/lkqd
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1934575865
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1934575865
https://sync.1rx.io/usersync/tradedesk/3ab2aa33-9814-40e5-b53c-797e1a747377
https://sync.targeting.unrulymedia.com/csync/RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-261af8de-00e1-4558-9b65-88de8b3d81...
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003

43 B
543 B

121ms
121ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003
date: Thu, 20 May 2021 11:47:34 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX261af8de00e145589b6588de8b3d81fb003
content-type: text/html

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://x.bidswitch.net/sync?ssp=lkqd
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dlkqd%26bsw_param%3Dc...
https://x.bidswitch.net/sync?dsp_id=354&user_id=5b38242278254faa9c7e3159d84be2de&ssp=lkqd&bsw_param=c75114ef-7e43-4254-a1fd-f3076364f650&gdpr=&consent=&gdpr_pd=
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dc75114ef-7e43-4254-a1fd-f3076364f650%26redi...
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dc75114ef-7e43-4254-a1fd-f3076364f650
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650

43 B
402 B

124ms
123ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=46&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
location: //cs.lkqd.net/cs?partnerId=46&partnerUserId=c75114ef-7e43-4254-a1fd-f3076364f650
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=3f010ecf-3155-4e6d-ad05-5b2a04bc82ea

43 B
401 B

109ms
109ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=3f010ecf-3155-4e6d-ad05-5b2a04bc82ea
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=3f010ecf-3155-4e6d-ad05-5b2a04bc82ea
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 203

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&gdpr=1&gdpr_consent=

43 B
308 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&gdpr=1&gdpr_consent=
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
server: Apache-Coyote/1.1
location: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030001_60a64c564ea94&knw=0
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c564ea94

43 B
391 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c564ea94
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c564ea94
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://media.sabio.us/imp_pixel?invsrc=11&secure=1
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2556487421951403526

43 B
526 B

118ms
117ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2556487421951403526
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=2556487421951403526
date: Thu, 20 May 2021 11:47:34 GMT
server: Apache/2.4.23 (Unix)
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2

200

genericusersync.ashx
sync.tidaltv.com/ Frame AC78
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/fa43162d-07e3-4d11-9490-f48f7b5ad0f0/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=445&dpuuid=fa43162d-07e3-4d11-9490-f48f7b5ad0f0?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
https://tags.bluekai.com/site/5379?id=fa43162d-07e3-4d11-9490-f48f7b5ad0f0&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263

42 B
327 B

29ms
29ms

Image
image/gif

2a05:d018:24:b002:ebbe:4057:3491:6f67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.tidaltv.com/genericusersync.ashx?dpid=1263

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:24:b002:ebbe:4057:3491:6f67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
server: Apache-Coyote/1.1
content-type: image/gif
x-xss-protection: 1; mode=block
expires: 0

Redirect headers

Location: https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
Date: Thu, 20 May 2021 11:47:34 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: 41e
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMVgAA9qNdTABg
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMVgAA9qNdTABg&_test=YKZMVgAA9qNdTABg

43 B
389 B

110ms
109ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMVgAA9qNdTABg&_test=YKZMVgAA9qNdTABg
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1621511254.412123,VS0,VE0
x-served-by: cache-fra19138-FRA
x-cache: HIT
location: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMVgAA9qNdTABg&_test=YKZMVgAA9qNdTABg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=us9CBzzLQIEp&ev=1&pid=561322

43 B
386 B

126ms
125ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=us9CBzzLQIEp&ev=1&pid=561322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=us9CBzzLQIEp&ev=1&pid=561322
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-686fd4fb4c-7k5gh
expires: -1

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=dm10ZFd2MXV1MlU
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIh8jtyiYSZaUoCM3oS8lv4&google_cver=1

43 B
398 B

119ms
119ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIh8jtyiYSZaUoCM3oS8lv4&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEIh8jtyiYSZaUoCM3oS8lv4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame AC78 35 B
373 B 295ms
82ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame AC78 43 B
430 B 42ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:34 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame AC78 42 B
614 B 34ms
33ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:34 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cs
cs.lkqd.net/ Frame AC78
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
https://tags.bluekai.com/site/17724?id=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D017cec76-58f2-47c3-a24c-2b62721...
https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D017cec76-58f2-47c3-a24c-2b6272...
https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348?https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D017cec76-58f2-47c3-a24c-2...
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348

43 B
547 B

125ms
125ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348
cache-control: no-cache
x-server: 10.45.25.28
content-length: 0
expires: 0

GET
H2 400 lkqd
event.clientgear.com/cookie/ Frame AC78 0
0 323ms
106ms Image
text/html 47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=vmtdWv1uu2U&uid={ymcookie}
Requested by: Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/login.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
655 B 204ms
123ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 121ms
45ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1369145784&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841517555785%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:34 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000337
X-SpotX-Timing-SpotMarket: 0.009486
X-SpotX-Timing-Page-Mux: 0.001296
X-SpotX-Timing-Page-Require: 0.000326
X-fe: 127
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000048
Content-Length: 77
X-SpotX-Timing-Page: 0.017438
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000289
Last-Modified: Thu, 20 May 2021 11:47:34 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.009486
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.005647
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000008
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
463 B 1413ms
1216ms XHR
text/xml 2600:1f18:612b:4200:dadf:a359:f0cd:5654
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3996280592885701172523724841%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:dadf:a359:f0cd:5654 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:35 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841...
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C28857011725237...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1752052724&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA29e10a51-b961-11eb-8389-068ca93f1b73?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

227 B
1 KB

59ms
21ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:34 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=575593981&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA2a7d09c7-b961-11eb-8066-020694bd10ca?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

227 B
1 KB

68ms
24ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:34 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1710716513&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&p...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA2a742926-b961-11eb-93c1-06f94beed07d?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4

227 B
1 KB

107ms
62ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:34 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ozY42D1E2p4L8jmA.DkP3Ndj_bq8VpYMNsVR~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1894497021&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA29ec5fac-b961-11eb-b442-02b90c27b1e5?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

227 B
1 KB

61ms
23ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:34 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-ABbK.JdE2p6NLzNbZwdId0hexN_WQe0ZL2st~A&_origin=0&nsync=1&apid=UP2ae59ffe-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=503949549&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&p...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA2a7cef43-b961-11eb-838a-068ca93f1b73?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4

227 B
1 KB

126ms
83ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:34 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-D3X44iZE2p5MRZrmH8_lYXLMqimBAvK7P9sO~A&_origin=0&nsync=1&apid=UP2ad65e20-b961-11eb-b61e-027945aaa9d4
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 477ms
145ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:33 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1004 B
882 B 79ms
28ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C6264721372885701172523724841%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3cb805e1452f05907100e71730097c349d5b0d81a4043a28fe634402dd504445

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 617
expires: Thu, 20 May 2021 11:47:34 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 31ms
17ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0b65a3f0a7c8cbd05cba77ad8879bd37a50113379a4e8d87c8c89c68a084186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 20 May 2021 11:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8137
x-xss-protection: 0

GET
H2

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841...
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C28857011725237...

48 B
332 B

85ms
85ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841149866228,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:34 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=180507457&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2885701172523724841149866228,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Thu, 20 May 2021 11:47:34 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3866 12 KB
5 KB 22ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eotimedopovo.com.br/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.eotimedopovo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 20 May 2021 11:36:46 GMT
expires: Fri, 20 May 2022 11:36:46 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 648
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3866 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CWq9ndk-1oeaRFSw5-gDkkYul7vu_3Fd6OpFoFd0cNM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 09:49:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 09:08:00 GMT
server: sffe
age: 7104
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
expires: Fri, 20 May 2022 09:49:10 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=587487176775854&bg=!e3ileDzNAAZ7hX_Ue4U7ACkAdvg8WjmbFbLpUft0fzKvQfxUCbDk3pRFOqrCgfBt-qV7GC7PJvUW9AIAAABcUgAAAAloAQcKARbSONc7fRxxhqmNklFSArzJ1xf9vL6bZw5Cq7tFq_Jog8rOR6rtvvqNg2azuj7qvbltrGcO0CAtogB35srqhQlk7Uku_uwGj45GOtuMH6yFQiJLi1FvND7oWo9dsAdUUyYURVy4WkG3Tv5kACQ4jDYXw36j3uj8PRg0yvLGdZKvn3MmM0qveiFdt6TM8UeYgZG8bUwwP8DoWqRsjQ9S5j_m0zyGjQskTgRHkkAB5oDKcl9CTDE5gpHp5KdUpyt7rDXwySxhKjsSHLr0ZDb3DjWC4J1JOYuWt_XFubswxgY5dVMiO-xhUy7EWdQ6c5CkZjwQAFKxuPIJ9bFkgADmWJw8fdjuy1yYx7IkhojK0C-OneTz7XFCa5kCYRojxJApPjO-iycvQD7OsrlsKh0ziWNYQ0ccR1u-J3fh4CR_6bKzW-2E_r2k34SFn8pvKjscljpEiSygw5OlJ9FpcWZs2LvWVyzaN41ZFf3ipSY50rzp8QQcu3sT49gPz5cO533ekYZyl7P0rwWzcNT7Bp59MmpvZ0PZaSgHpO_iwYFQjS0XWSaCQNZnXPdAHmoox_IQmbBKr60FyhHseWeMWW2xidEFNKHyKokwclNws5-B3_FXbIPVxzgG1GohpfCZ2hGZNr_HGg6FyXZ-MAgHZN44QHXF-CqU2p1RIRrCdlXxIqrvqSBjWkew7gHGwGV9RO_pSl0jqql3WLbrRvbtgqKWnVmg53V9Upu9HK61sYZt2edrHHDVYbBzuar_RDVEmel4BO8WJhj07hjyH67gG3MHnASUmqQGJuUU4Nl1Rq_H2eNWDk5qaN_ACTsCx9EFqd8xgYVJaXcuv4byw7bm9tT1tXlm-3Y8i6b2Gyi6n6btiJQ0vFwBbhE0bchKdh0MtWl2lCcBjL8ifLSReujwEA7F8vpBwPm88Nfxke3O3pNKMt8tVgabuZlu8LUQvVEFBNrXxiA26cztkWIlZjp0F6Fp7vQ8u2_7DzV8jqUxl7mcAY3g6vSWsLz0YkV6Y-4s-8aZVcpBF7fQIH7veYRWluR23HjJkvAcn-VX_CrzGq2F7IV7FaslOohz1pWhYP7fjLc04Tn1h5eYUXd_alK7E-zGTER9wW0aISWaZ1ugnvvhzpPwDoxizqiadnMWR6sqL3X97BORJKXSudVqxSd6F-Q1o_VDQUcR0X2y2l9XaQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:35 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:35 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 2A98 0
170 B 136ms
135ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:35 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 2A98 0
170 B 130ms
130ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:35 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 113ms
113ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=96468619&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c14f735c3df6fdabd8141db6e874b741a3d20a4a803c04e33b83d7c7968c99de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1376

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame CAFF 230 KB
61 KB 21ms
20ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511256.cds151.fr8.hn,1621511256.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 24D6 4 KB
2 KB 21ms
20ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sr59=1|CAESEIh8jtyiYSZaUoCM3oS8lv4|1621511254; sr46=1|c75114ef-7e43-4254-a1fd-f3076364f650|1621511254; sr53=1|us9CBzzLQIEp|1621511254; sr7=1|RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003|1621511254; lkqdidts=1621511254; sr39=1|2556487421951403526|1621511254; sr97=1|017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348|1621511254; lkqdid=KX9DgKThe44
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511256.cds151.fr8.hn,1621511256.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame CAFF 79 KB
7 KB 138ms
137ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=96468619&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 92cf2b47b93102ba83fdda9833ad4f08c94d6ab43a530b66cf1f33f3d019fe22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5824

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 109ms
109ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=96468619&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:36 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2

200

cs
cs.lkqd.net/ Frame 24D6
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=KX9DgKThe44&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72

43 B
402 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:36 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 24D6
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ

43 B
398 B

107ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ
Date: Thu, 20 May 2021 11:47:36 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

451

464986.gif
idsync.rlcdn.com/ Frame 24D6
Redirect Chain

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
https://idsync.rlcdn.com/464986.gif?partner_uid=KX9DgKThe44

0
42 B

26ms
26ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=KX9DgKThe44
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
location: https://idsync.rlcdn.com/464986.gif?partner_uid=KX9DgKThe44
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame 24D6
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=KX9DgKThe44

43 B
284 B

37ms
36ms

Image
image/gif

52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=KX9DgKThe44
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=KX9DgKThe44
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 24D6
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961

43 B
389 B

107ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961
pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H2 200 t Show response
t.lkqd.net/ Frame A516 0
170 B 110ms
110ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:36 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:36 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://x.bidswitch.net/sync?ssp=lkqd
https://x.bidswitch.net/ul_cb/sync?ssp=lkqd
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=f98e543a-ae98-4dc8-a7d6-e0042bc122b7
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=lkqd&bsw_custom_parameter=f98e543a-ae98-4dc8-a7d6-e0042bc122b7
https://x.bidswitch.net/sync?dsp_id=4&user_id=2ffae8c6-d169-4aed-8141-fac92dcefd34&ssp=lkqd&expires=30&user_group=5&bsw_param=f98e543a-ae98-4dc8-a7d6-e0042bc122b7
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Df98e543a-ae98-4dc8-a7d6-e0042bc122b7%26redi...
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Df98e543a-ae98-4dc8-a7d6-e0042bc122b7
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7

43 B
401 B

112ms
112ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=46&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:37 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
location: //cs.lkqd.net/cs?partnerId=46&partnerUserId=f98e543a-ae98-4dc8-a7d6-e0042bc122b7
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4203a61f-17c1-4123-90ed-fad94a8f46c0

43 B
401 B

112ms
111ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4203a61f-17c1-4123-90ed-fad94a8f46c0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4203a61f-17c1-4123-90ed-fad94a8f46c0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 203

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=90ac8d94-bbc4-4327-8b2c-5fa404848d27&gdpr=1&gdpr_consent=

43 B
308 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=90ac8d94-bbc4-4327-8b2c-5fa404848d27&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
server: Apache-Coyote/1.1
location: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=90ac8d94-bbc4-4327-8b2c-5fa404848d27&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030002_60a64c5896aa5&knw=0
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c5896aa5

43 B
391 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c5896aa5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c5896aa5
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

204

/
loadm.exelator.com/load/ Frame CAFF
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=90ac8d94-bbc4-4327-8b2c-5fa404848d27&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=90ac8d94-bbc4-4327-8b2c-5fa404848d27&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/90ac8d94-bbc4-4327-8b2c-5fa404848d27/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=445&dpuuid=90ac8d94-bbc4-4327-8b2c-5fa404848d27?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
https://tags.bluekai.com/site/5379?id=90ac8d94-bbc4-4327-8b2c-5fa404848d27&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
https://loadm.exelator.com/load/?p=204&g=281&buid=90ac8d94-bbc4-4327-8b2c-5fa404848d27&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

0
324 B

20ms
20ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=281&buid=90ac8d94-bbc4-4327-8b2c-5fa404848d27&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:37 GMT
server: Apache-Coyote/1.1
location: https://loadm.exelator.com/load/?p=204&g=281&buid=90ac8d94-bbc4-4327-8b2c-5fa404848d27&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMWAABHKrXbwAC
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMWAABHKrXbwAC&_test=YKZMWAABHKrXbwAC

43 B
389 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMWAABHKrXbwAC&_test=YKZMWAABHKrXbwAC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1621511257.721191,VS0,VE0
x-served-by: cache-fra19138-FRA
x-cache: HIT
location: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMWAABHKrXbwAC&_test=YKZMWAABHKrXbwAC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame CAFF 35 B
210 B 74ms
72ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame CAFF 43 B
430 B 44ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:36 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame CAFF 42 B
612 B 36ms
34ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:36 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_04961437-bf94-43c8-89f5-f05aa4f6042b

43 B
404 B

176ms
176ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_04961437-bf94-43c8-89f5-f05aa4f6042b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_04961437-bf94-43c8-89f5-f05aa4f6042b
date: Thu, 20 May 2021 11:47:36 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
alt-svc: clear
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ

43 B
398 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jYFajdLdRKZKulquD7JoSSV4iZQ
Date: Thu, 20 May 2021 11:47:36 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961

43 B
389 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2674282077460420961
pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame CAFF 0
88 B 109ms
109ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2 451 464986.gif
idsync.rlcdn.com/ Frame CAFF 0
42 B 25ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=KX9DgKThe44
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b30&u=KX9DgKThe44&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
https://s.tribalfusion.com/z/i.match?p=b30&u=KX9DgKThe44&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185289981210

43 B
390 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185289981210
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:37 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:37 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 652554cbd98c2c4e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185289981210
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b33536900002c4e33174000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 NXST
c.deployads.com/cs/ Frame CAFF 43 B
284 B 37ms
36ms Image
image/gif 52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=KX9DgKThe44
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame CAFF
Redirect Chain

https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=KX9DgKThe44&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72

43 B
402 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:36 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=84799288-0a85-48e9-9860-8d426cd39b72
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 400 lkqd
event.clientgear.com/cookie/ Frame CAFF 0
0 838ms
837ms Image
text/html 47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=KX9DgKThe44&uid={ymcookie}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 138ms
137ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 52ms
51ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1201962537&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C4638139404716091032873193840%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:36 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000338
X-SpotX-Timing-SpotMarket: 0.017914
X-SpotX-Timing-Page-Mux: 0.001592
X-SpotX-Timing-Page-Require: 0.000536
X-fe: 051
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000042
Content-Length: 77
X-SpotX-Timing-Page: 0.025492
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000467
Last-Modified: Thu, 20 May 2021 11:47:36 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.017914
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.004588
X-SpotX-Timing-Page-Exception: 0.000002
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
462 B 208ms
208ms XHR
text/xml 2600:1f18:612b:4200:dadf:a359:f0cd:5654
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C231680734638139404716091032%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:dadf:a359:f0cd:5654 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C463813940471609103...
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C4638139404716...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTQ2Mjc2MzktNWQxZS02NTcxLTdmMWItNjczOWE0MGFkODc1

0
0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=857592839&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=857592839&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=5656...

249 B
1 KB

495ms
434ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=857592839&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=800f3c21-1722-42a7-95a8-e296c2155c72&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyNC4xMTU0Nzk6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD04MDBmM2MyMS0xNzIyLTQyYTctOTVhOC1lMjk2YzIxNTVjNzI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:37 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=857592839&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=800f3c21-1722-42a7-95a8-e296c2155c72&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyNC4xMTU0Nzk6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD04MDBmM2MyMS0xNzIyLTQyYTctOTVhOC1lMjk2YzIxNTVjNzI=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=565605590&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=565605590&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi....

249 B
1 KB

254ms
196ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=565605590&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=5bb8cd93-3355-4b42-8f65-e213ccdf76d0&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyMS4xNTM1NjQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD01YmI4Y2Q5My0zMzU1LTRiNDItOGY2NS1lMjEzY2NkZjc2ZDA=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=565605590&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=5bb8cd93-3355-4b42-8f65-e213ccdf76d0&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyMS4xNTM1NjQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD01YmI4Y2Q5My0zMzU1LTRiNDItOGY2NS1lMjEzY2NkZjc2ZDA=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1905427685&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&p...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1905427685&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.wi...

249 B
1 KB

421ms
358ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1905427685&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=d8fd4f99-b4ce-43dc-8521-e512f3507706&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyNC43MzgwMzc6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD1kOGZkNGY5OS1iNGNlLTQzZGMtODUyMS1lNTEyZjM1MDc3MDY=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:37 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1905427685&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=d8fd4f99-b4ce-43dc-8521-e512f3507706&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyNC43MzgwMzc6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD1kOGZkNGY5OS1iNGNlLTQzZGMtODUyMS1lNTEyZjM1MDc3MDY=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=589468053&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=589468053&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&sc...

249 B
1 KB

415ms
361ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=589468053&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=aa9dae42-188b-45dd-875f-561c3f98b96c&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYzNi42MDEwNzQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD1hYTlkYWU0Mi0xODhiLTQ1ZGQtODc1Zi01NjFjM2Y5OGI5NmM=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:37 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=589468053&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=aa9dae42-188b-45dd-875f-561c3f98b96c&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYzNi42MDEwNzQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD1hYTlkYWU0Mi0xODhiLTQ1ZGQtODc1Zi01NjFjM2Y5OGI5NmM=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=581784682&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&p...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=581784682&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.he...

249 B
1 KB

281ms
225ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=581784682&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=77c7e5ae-a8a0-4306-af14-cd24262d0906&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyMi41Njk4MjQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD03N2M3ZTVhZS1hOGEwLTQzMDYtYWYxNC1jZDI0MjYyZDA5MDY=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=581784682&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=77c7e5ae-a8a0-4306-af14-cd24262d0906&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1NjYyMi41Njk4MjQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6cmVxdWVzdF9pZD03N2M3ZTVhZS1hOGEwLTQzMDYtYWYxNC1jZDI0MjYyZDA5MDY=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 131ms
131ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:35 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H2

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C463813940471609103...
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C4638139404716...

48 B
248 B

134ms
134ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C46381394047160910329289270,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:36 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:36 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1212400236&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C46381394047160910329289270,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 114ms
114ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame A516 0
170 B 127ms
127ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:37 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame A516 0
170 B 125ms
124ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:37 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 113ms
113ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=28151795&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: aa6f64afe08c79f1b8b57e3c12351ae44d505eecee4eb5ebc3b4e73b53335868

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:37 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1378

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 7CF8 230 KB
61 KB 22ms
22ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:37 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511257.cds151.fr8.hn,1621511257.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 38DD 4 KB
2 KB 21ms
20ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sr59=1|CAESEIh8jtyiYSZaUoCM3oS8lv4|1621511254; sr53=1|us9CBzzLQIEp|1621511254; sr7=1|RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003|1621511254; lkqdidts=1621511254; sr39=1|2556487421951403526|1621511254; sr97=1|017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348|1621511254; lkqdid=KX9DgKThe44; sr55=1||1621511256; sr99=1||1621511256; sr6=1||1621511256; sr23=1||1621511256; sr45=1||1621511256; sr76=1||1621511256; sr80=1||1621511256; sr86=1||1621511256; sr103=1||1621511256; sr102=1|84799288-0a85-48e9-9860-8d426cd39b72|1621511256; sr94=1|2674282077460420961|1621511256; sr25=1|03030002_60a64c5896aa5|1621511256; sr22=1|4203a61f-17c1-4123-90ed-fad94a8f46c0|1621511256; sr93=1|jYFajdLdRKZKulquD7JoSSV4iZQ|1621511256; sr52=1|YKZMWAABHKrXbwAC|1621511256; sr12=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr90=1|4c_04961437-bf94-43c8-89f5-f05aa4f6042b|1621511256; sr43=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr46=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511257; sr85=1|18072662185289981210|1621511257
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:37 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511257.cds151.fr8.hn,1621511257.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 7CF8 79 KB
6 KB 136ms
136ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=28151795&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 3dd811a61d53070b2f1f915e3105cb4b3d1ee6b46353924818580f884b4640c2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:37 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5449

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=28151795&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:37 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 t Show response
t.lkqd.net/ Frame 9586 0
170 B 112ms
112ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:38 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 116ms
116ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 43ms
42ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=37653961&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C21484519608588025171528253436%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:38 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.001364
X-SpotX-Timing-SpotMarket: 0.010165
X-SpotX-Timing-Page-Mux: 0.001095
X-SpotX-Timing-Page-Require: 0.000290
X-fe: 123
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000030
Content-Length: 77
X-SpotX-Timing-Page: 0.016668
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000269
Last-Modified: Thu, 20 May 2021 11:47:38 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.010165
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.003444
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
250 B 92ms
92ms XHR
text/xml 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1038563470&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2148451960858802517740586325,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1239684411&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1239684411&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=565...

249 B
1 KB

196ms
196ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1239684411&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=3f9eca53-76c4-4715-a999-e27c0abb5baf&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA1Ny43MTUwODg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0zZjllY2E1My03NmM0LTQ3MTUtYTk5OS1lMjdjMGFiYjViYWY=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1239684411&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=3f9eca53-76c4-4715-a999-e27c0abb5baf&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA1Ny43MTUwODg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0zZjllY2E1My03NmM0LTQ3MTUtYTk5OS1lMjdjMGFiYjViYWY=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=800901527&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a....
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=800901527&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=M...

249 B
1 KB

431ms
431ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=800901527&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.3925&lon=8.4546&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=14844eec-449e-48ad-9713-266f8f7de0e1&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2Mi43MTcyODU6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0xNDg0NGVlYy00NDllLTQ4YWQtOTcxMy0yNjZmOGY3ZGUwZTE=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=800901527&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lat=47.3925&lon=8.4546&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=14844eec-449e-48ad-9713-266f8f7de0e1&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2Mi43MTcyODU6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0xNDg0NGVlYy00NDllLTQ4YWQtOTcxMy0yNjZmOGY3ZGUwZTE=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1017839592&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=22...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1017839592&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi...

249 B
1 KB

199ms
198ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1017839592&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=76452fdb-73ef-4cfb-9c96-15a8c21f91ad&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2Mi43MDE5MDQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD03NjQ1MmZkYi03M2VmLTRjZmItOWM5Ni0xNWE4YzIxZjkxYWQ=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1017839592&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=76452fdb-73ef-4cfb-9c96-15a8c21f91ad&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2Mi43MDE5MDQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD03NjQ1MmZkYi03M2VmLTRjZmItOWM5Ni0xNWE4YzIxZjkxYWQ=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2047840621&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&p...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2047840621&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.wi...

249 B
1 KB

366ms
365ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2047840621&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=9e673e5c-d769-4e5e-952a-836288fe129e&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2MS41MjE0ODQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD05ZTY3M2U1Yy1kNzY5LTRlNWUtOTUyYS04MzYyODhmZTEyOWU=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2047840621&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=9e673e5c-d769-4e5e-952a-836288fe129e&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA2MS41MjE0ODQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD05ZTY3M2U1Yy1kNzY5LTRlNWUtOTUyYS04MzYyODhmZTEyOWU=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=617487797&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=617487797&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&sc...

249 B
1 KB

361ms
361ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=617487797&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=01882c66-8d5a-46a8-98b9-922f12883a3f&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA3MC43MTk3Mjc6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0wMTg4MmM2Ni04ZDVhLTQ2YTgtOThiOS05MjJmMTI4ODNhM2Y=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=617487797&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=01882c66-8d5a-46a8-98b9-922f12883a3f&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA3MC43MTk3Mjc6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0wMTg4MmM2Ni04ZDVhLTQ2YTgtOThiOS05MjJmMTI4ODNhM2Y=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=711589997&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&p...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=711589997&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.he...

249 B
1 KB

237ms
197ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=711589997&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=ade734dc-d3fb-4e26-96db-f57189cc804b&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA3Ni43OTE3NDg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1hZGU3MzRkYy1kM2ZiLTRlMjYtOTZkYi1mNTcxODljYzgwNGI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:38 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=711589997&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=ade734dc-d3fb-4e26-96db-f57189cc804b&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1ODA3Ni43OTE3NDg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1hZGU3MzRkYy1kM2ZiLTRlMjYtOTZkYi1mNTcxODljYzgwNGI=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 152ms
152ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:37 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:38 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 9586 0
170 B 126ms
126ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:38 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 9586 0
170 B 130ms
129ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:38 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 226ms
225ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=51054748&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7690360c1661172aa4163ffd8c0ab3d12e027eb7bdeb88c03f755061230cc2a3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1379

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 344F 230 KB
61 KB 21ms
21ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511259.cds151.fr8.hn,1621511259.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame E433 4 KB
2 KB 24ms
24ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sr59=1|CAESEIh8jtyiYSZaUoCM3oS8lv4|1621511254; sr53=1|us9CBzzLQIEp|1621511254; sr7=1|RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003|1621511254; lkqdidts=1621511254; sr39=1|2556487421951403526|1621511254; sr97=1|017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348|1621511254; lkqdid=KX9DgKThe44; sr55=1||1621511256; sr99=1||1621511256; sr6=1||1621511256; sr23=1||1621511256; sr45=1||1621511256; sr76=1||1621511256; sr80=1||1621511256; sr86=1||1621511256; sr103=1||1621511256; sr102=1|84799288-0a85-48e9-9860-8d426cd39b72|1621511256; sr94=1|2674282077460420961|1621511256; sr25=1|03030002_60a64c5896aa5|1621511256; sr22=1|4203a61f-17c1-4123-90ed-fad94a8f46c0|1621511256; sr93=1|jYFajdLdRKZKulquD7JoSSV4iZQ|1621511256; sr52=1|YKZMWAABHKrXbwAC|1621511256; sr12=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr90=1|4c_04961437-bf94-43c8-89f5-f05aa4f6042b|1621511256; sr43=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr46=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511257; sr85=1|18072662185289981210|1621511257
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511259.cds151.fr8.hn,1621511259.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 344F 51 KB
4 KB 144ms
143ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=51054748&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: b85a4142ab2bf326b0e8ccfe83b5e99ca7b8a4289f63970038f95fb8277cbdfc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 4353

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=51054748&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:39 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 t Show response
t.lkqd.net/ Frame C07C 0
170 B 110ms
110ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:39 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:39 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 43ms
42ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=604314505&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C62401338516262171781867766067%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:39 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000306
X-SpotX-Timing-SpotMarket: 0.009017
X-SpotX-Timing-Page-Mux: 0.001316
X-SpotX-Timing-Page-Require: 0.000491
X-fe: 103
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000032
Content-Length: 77
X-SpotX-Timing-Page: 0.016355
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000797
Last-Modified: Thu, 20 May 2021 11:47:39 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.009017
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.004383
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 172ms
172ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238417684&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238417684&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=565...

249 B
1 KB

196ms
195ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238417684&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=511110ae-8b57-4187-95d7-3ac472df6806&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3MC4xMjQwMjM6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD01MTExMTBhZS04YjU3LTQxODctOTVkNy0zYWM0NzJkZjY4MDY=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238417684&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=511110ae-8b57-4187-95d7-3ac472df6806&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3MC4xMjQwMjM6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD01MTExMTBhZS04YjU3LTQxODctOTVkNy0zYWM0NzJkZjY4MDY=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1788611024&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=22...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1788611024&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi...

249 B
1 KB

362ms
361ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1788611024&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=7b464323-dcee-4b84-bcad-eb9a01567a14&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU2OS42OTM4NDg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD03YjQ2NDMyMy1kY2VlLTRiODQtYmNhZC1lYjlhMDE1NjdhMTQ=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1788611024&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=7b464323-dcee-4b84-bcad-eb9a01567a14&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU2OS42OTM4NDg6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD03YjQ2NDMyMy1kY2VlLTRiODQtYmNhZC1lYjlhMDE1NjdhMTQ=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=71895966&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi....
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=71895966&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.widt...

249 B
1 KB

206ms
205ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=71895966&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=2ae32906-c64f-469a-a36b-7cb115cc4d48&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3My41OTk2MDk6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0yYWUzMjkwNi1jNjRmLTQ2OWEtYTM2Yi03Y2IxMTVjYzRkNDg=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=71895966&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=2ae32906-c64f-469a-a36b-7cb115cc4d48&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3My41OTk2MDk6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD0yYWUzMjkwNi1jNjRmLTQ2OWEtYTM2Yi03Y2IxMTVjYzRkNDg=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1322015747&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1322015747&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&s...

249 B
1 KB

201ms
201ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1322015747&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=edfb58e0-1834-4dac-92d5-6fb35d63c4a6&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3Ny4zNDk4NTQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1lZGZiNThlMC0xODM0LTRkYWMtOTJkNS02ZmIzNWQ2M2M0YTY=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:39 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1322015747&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=edfb58e0-1834-4dac-92d5-6fb35d63c4a6&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI1OTU3Ny4zNDk4NTQ6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD1lZGZiNThlMC0xODM0LTRkYWMtOTJkNS02ZmIzNWQ2M2M0YTY=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 141ms
141ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:38 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame C07C 0
170 B 119ms
119ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame C07C 0
170 B 124ms
124ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 114ms
114ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=4000783&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d8af8cf5de7aa87ec386df39ffca261d170b944c507c9f858361a08714aafed1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:40 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1376

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 06D8 230 KB
61 KB 20ms
20ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:40 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511260.cds151.fr8.hn,1621511260.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame BC26 4 KB
2 KB 19ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sr59=1|CAESEIh8jtyiYSZaUoCM3oS8lv4|1621511254; sr53=1|us9CBzzLQIEp|1621511254; sr7=1|RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003|1621511254; lkqdidts=1621511254; sr39=1|2556487421951403526|1621511254; sr97=1|017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348|1621511254; lkqdid=KX9DgKThe44; sr55=1||1621511256; sr99=1||1621511256; sr6=1||1621511256; sr23=1||1621511256; sr45=1||1621511256; sr76=1||1621511256; sr80=1||1621511256; sr86=1||1621511256; sr103=1||1621511256; sr102=1|84799288-0a85-48e9-9860-8d426cd39b72|1621511256; sr94=1|2674282077460420961|1621511256; sr25=1|03030002_60a64c5896aa5|1621511256; sr22=1|4203a61f-17c1-4123-90ed-fad94a8f46c0|1621511256; sr93=1|jYFajdLdRKZKulquD7JoSSV4iZQ|1621511256; sr52=1|YKZMWAABHKrXbwAC|1621511256; sr12=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr90=1|4c_04961437-bf94-43c8-89f5-f05aa4f6042b|1621511256; sr43=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr46=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511257; sr85=1|18072662185289981210|1621511257
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:40 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511260.cds151.fr8.hn,1621511260.cds226.fr8.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=4000783&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:40 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 06D8 25 KB
3 KB 136ms
136ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=4000783&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a347e5d45a227945116befa8695aec5e8d8a93870aece9c86e0794f901a72e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3232

POST
H2 200 t Show response
t.lkqd.net/ Frame 5E1D 0
170 B 110ms
109ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:40 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:40 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 50ms
50ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1626096559&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C10544886103931270821372145268%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:40 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000376
X-SpotX-Timing-SpotMarket: 0.014143
X-SpotX-Timing-Page-Mux: 0.001529
X-SpotX-Timing-Page-Require: 0.000482
X-fe: 011
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000036
Content-Length: 77
X-SpotX-Timing-Page: 0.024345
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000451
Last-Modified: Thu, 20 May 2021 11:47:40 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.014143
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.007314
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 119ms
119ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:40 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=950552447&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=950552447&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&sc...

249 B
1 KB

357ms
356ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=950552447&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=65a6529b-f1e8-4f7d-9d6c-9f0a0c3b6822&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2MDg3NS43OTY2MzE6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD02NWE2NTI5Yi1mMWU4LTRmN2QtOWQ2Yy05ZjBhMGMzYjY4MjI=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:41 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 1
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=950552447&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=65a6529b-f1e8-4f7d-9d6c-9f0a0c3b6822&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI2MDg3NS43OTY2MzE6dXVpZD0iOTA5MzMzNzk2MTQ5Njk4MTgxNV9fVElNRV9fMjAyMS0wNS0yMCswNCUzQTQ3JTNBMzQiOmFwaWQ9VVAyYWU1OWZmZS1iOTYxLTExZWItYWYyNS0wMjg1NWZjMzkwMDA6bWlncmF0ZWQyeT0iMSI6cmVxdWVzdF9pZD02NWE2NTI5Yi1mMWU4LTRmN2QtOWQ2Yy05ZjBhMGMzYjY4MjI=
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:41 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 5E1D 0
170 B 112ms
112ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:41 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 5E1D 0
170 B 115ms
115ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:41 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 212ms
212ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=16271152&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 37b76e964cec51d12bebc368c87ef93aeaff4fa9f50e59c15d8c0c735858f644

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:41 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1376

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 8E4B 230 KB
61 KB 22ms
22ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:41 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511261.cds151.fr8.hn,1621511261.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 395C 4 KB
2 KB 21ms
20ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sr59=1|CAESEIh8jtyiYSZaUoCM3oS8lv4|1621511254; sr53=1|us9CBzzLQIEp|1621511254; sr7=1|RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003|1621511254; lkqdidts=1621511254; sr39=1|2556487421951403526|1621511254; sr97=1|017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348|1621511254; lkqdid=KX9DgKThe44; sr55=1||1621511256; sr99=1||1621511256; sr6=1||1621511256; sr23=1||1621511256; sr45=1||1621511256; sr76=1||1621511256; sr80=1||1621511256; sr86=1||1621511256; sr103=1||1621511256; sr102=1|84799288-0a85-48e9-9860-8d426cd39b72|1621511256; sr94=1|2674282077460420961|1621511256; sr25=1|03030002_60a64c5896aa5|1621511256; sr22=1|4203a61f-17c1-4123-90ed-fad94a8f46c0|1621511256; sr93=1|jYFajdLdRKZKulquD7JoSSV4iZQ|1621511256; sr52=1|YKZMWAABHKrXbwAC|1621511256; sr12=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr90=1|4c_04961437-bf94-43c8-89f5-f05aa4f6042b|1621511256; sr43=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr46=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511257; sr85=1|18072662185289981210|1621511257
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:42 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511262.cds151.fr8.hn,1621511262.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 8E4B 18 KB
3 KB 135ms
135ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=16271152&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: bdbf705d2fc510c05e7eeade4be906d0ef13de78811377fa62ef433b943782cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:42 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2912

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 295ms
295ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=16271152&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:42 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 t Show response
t.lkqd.net/ Frame BEE6 0
170 B 111ms
111ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 44ms
43ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=184318378&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3419170226246800673486320722%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:42 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000548
X-SpotX-Timing-SpotMarket: 0.011793
X-SpotX-Timing-Page-Mux: 0.001131
X-SpotX-Timing-Page-Require: 0.000346
X-fe: 042
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000033
Content-Length: 77
X-SpotX-Timing-Page: 0.018175
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000293
Last-Modified: Thu, 20 May 2021 11:47:42 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.011793
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.004011
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000019
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 109ms
108ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:42 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame BEE6 0
170 B 112ms
111ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame BEE6 0
170 B 114ms
114ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:42 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 115ms
115ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=10607346&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 498ae2c15750f30c083088a20d5288cc7f87fdb7fbdc6d17cc7fec8a79ecacfd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:43 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1378

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 05C6 230 KB
61 KB 20ms
19ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:43 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511263.cds151.fr8.hn,1621511263.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 2813 4 KB
2 KB 20ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sr59=1|CAESEIh8jtyiYSZaUoCM3oS8lv4|1621511254; sr53=1|us9CBzzLQIEp|1621511254; sr7=1|RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003|1621511254; lkqdidts=1621511254; sr39=1|2556487421951403526|1621511254; sr97=1|017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348|1621511254; lkqdid=KX9DgKThe44; sr55=1||1621511256; sr99=1||1621511256; sr6=1||1621511256; sr23=1||1621511256; sr45=1||1621511256; sr76=1||1621511256; sr80=1||1621511256; sr86=1||1621511256; sr103=1||1621511256; sr102=1|84799288-0a85-48e9-9860-8d426cd39b72|1621511256; sr94=1|2674282077460420961|1621511256; sr25=1|03030002_60a64c5896aa5|1621511256; sr22=1|4203a61f-17c1-4123-90ed-fad94a8f46c0|1621511256; sr93=1|jYFajdLdRKZKulquD7JoSSV4iZQ|1621511256; sr52=1|YKZMWAABHKrXbwAC|1621511256; sr12=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr90=1|4c_04961437-bf94-43c8-89f5-f05aa4f6042b|1621511256; sr43=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr46=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511257; sr85=1|18072662185289981210|1621511257
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:43 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511263.cds151.fr8.hn,1621511263.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame 05C6 18 KB
3 KB 385ms
385ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=10607346&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e948298f43a300fecc4ff459ac39d29c2185d2420b963322c80f24c31db3eb70

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:43 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 2911

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 108ms
108ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=10607346&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:43 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 113ms
113ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame D3E8 0
170 B 110ms
110ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 44ms
44ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1976774274&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C45262753317378079311719592964%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:43 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.001311
X-SpotX-Timing-SpotMarket: 0.008942
X-SpotX-Timing-Page-Mux: 0.001543
X-SpotX-Timing-Page-Require: 0.000322
X-fe: 106
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000032
Content-Length: 77
X-SpotX-Timing-Page: 0.017143
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000422
Last-Modified: Thu, 20 May 2021 11:47:43 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008942
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.004558
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 101ms
101ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:43 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 t Show response
t.lkqd.net/ Frame D3E8 0
170 B 113ms
112ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame D3E8 0
170 B 112ms
111ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 116ms
115ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=28647539&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: cc790b61e027245b0291828bf1837696a7d9d80b13f4c64a4e7face29d33e4f1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:44 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1381

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame B018 230 KB
61 KB 20ms
20ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:44 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511264.cds151.fr8.hn,1621511264.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame AEC1 4 KB
2 KB 20ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sr59=1|CAESEIh8jtyiYSZaUoCM3oS8lv4|1621511254; sr53=1|us9CBzzLQIEp|1621511254; sr7=1|RX-261af8de-00e1-4558-9b65-88de8b3d81fb-003|1621511254; lkqdidts=1621511254; sr39=1|2556487421951403526|1621511254; sr97=1|017cec76-58f2-47c3-a24c-2b627210aaa1-60a64c53-4348|1621511254; lkqdid=KX9DgKThe44; sr55=1||1621511256; sr99=1||1621511256; sr6=1||1621511256; sr23=1||1621511256; sr45=1||1621511256; sr76=1||1621511256; sr80=1||1621511256; sr86=1||1621511256; sr103=1||1621511256; sr102=1|84799288-0a85-48e9-9860-8d426cd39b72|1621511256; sr94=1|2674282077460420961|1621511256; sr25=1|03030002_60a64c5896aa5|1621511256; sr22=1|4203a61f-17c1-4123-90ed-fad94a8f46c0|1621511256; sr93=1|jYFajdLdRKZKulquD7JoSSV4iZQ|1621511256; sr52=1|YKZMWAABHKrXbwAC|1621511256; sr12=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr90=1|4c_04961437-bf94-43c8-89f5-f05aa4f6042b|1621511256; sr43=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511256; sr46=1|f98e543a-ae98-4dc8-a7d6-e0042bc122b7|1621511257; sr85=1|18072662185289981210|1621511257
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:44 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511264.cds151.fr8.hn,1621511264.cds226.fr8.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=28647539&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:44 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame B018 25 KB
3 KB 199ms
198ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=28647539&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 96a065c74ffed04f82d64b55126aaab408009f805847ada96deae585721b2d3f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:44 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3122

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 13C8 0
170 B 111ms
110ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:44 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 45ms
45ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1144764247&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C35648822330374690081167793414%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:44 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000287
X-SpotX-Timing-SpotMarket: 0.008548
X-SpotX-Timing-Page-Mux: 0.001717
X-SpotX-Timing-Page-Require: 0.000286
X-fe: 123
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 77
X-SpotX-Timing-Page: 0.019322
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000270
Last-Modified: Thu, 20 May 2021 11:47:44 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.008548
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.008179
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 125ms
125ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:44 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218945 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 85ms
40ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=875101867&player_width=400&player_height=225&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C35648822330374690081441706256%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:44 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000323
X-SpotX-Timing-SpotMarket: 0.009583
X-SpotX-Timing-Page-Mux: 0.001208
X-SpotX-Timing-Page-Require: 0.000344
X-fe: 103
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000031
Content-Length: 77
X-SpotX-Timing-Page: 0.014743
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000365
Last-Modified: Thu, 20 May 2021 11:47:44 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.009583
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.002879
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 109ms
109ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:44 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 13C8 0
170 B 112ms
111ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 13C8 0
170 B 110ms
109ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 114ms
113ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=46474034&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: c5f87c038dc33c1d1ab152590063685cfed5ba198786cb34ff6ec5c98a2c1a9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:45 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1375

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame D51D 230 KB
61 KB 20ms
19ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:45 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511265.cds151.fr8.hn,1621511265.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame A0BB 4 KB
2 KB 19ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: lkqdidts=1621511265; lkqdid=j9KPKhZllhw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:45 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511265.cds151.fr8.hn,1621511265.cds226.fr8.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 117ms
116ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=46474034&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:45 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame D51D 73 KB
6 KB 140ms
139ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=46474034&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ed517589dc87d6f2d729ed96b8ba953caa7b340e6b42ab8a8de33bb4334827ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5803

GET
H2

200

cs
cs.lkqd.net/ Frame A0BB
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=j9KPKhZllhw&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0

43 B
402 B

112ms
111ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:46 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame A0BB
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=j9KPKhZllhw

43 B
285 B

37ms
36ms

Image
image/gif

52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=j9KPKhZllhw
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:45 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:45 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=j9KPKhZllhw
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame A0BB
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288

43 B
389 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:45 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288
pragma: no-cache
date: Thu, 20 May 2021 11:47:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame A0BB
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ

43 B
398 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ
Date: Thu, 20 May 2021 11:47:45 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

451

464986.gif
idsync.rlcdn.com/ Frame A0BB
Redirect Chain

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
https://idsync.rlcdn.com/464986.gif?partner_uid=j9KPKhZllhw

0
42 B

32ms
30ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=j9KPKhZllhw
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:45 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 20 May 2021 11:47:45 GMT
server: nginx
location: https://idsync.rlcdn.com/464986.gif?partner_uid=j9KPKhZllhw
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

POST
H2 200 t Show response
t.lkqd.net/ Frame B326 0
170 B 110ms
109ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:45 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://sync.1rx.io/usersync2/lkqd
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8751100508
https://sync.1rx.io/usersync/tradedesk/15aa95cb-2071-42bd-bde1-4f9ee752e36d
https://sync.targeting.unrulymedia.com/csync/RX-c5874a6e-c7f3-4197-86d9-991956a03dff-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-c5874a6e-c7f3-4197-86d9-991956a03d...
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-c5874a6e-c7f3-4197-86d9-991956a03dff-003

43 B
407 B

114ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-c5874a6e-c7f3-4197-86d9-991956a03dff-003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-c5874a6e-c7f3-4197-86d9-991956a03dff-003
date: Thu, 20 May 2021 11:47:46 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXc5874a6ec7f3419786d9991956a03dff003
content-type: text/html

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://x.bidswitch.net/sync?ssp=lkqd
https://x.bidswitch.net/ul_cb/sync?ssp=lkqd
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=bbf65c79-5a3d-4c62-8b49-a15869f868fa
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk6a7486a4-82f3-4148-a345-ed168036c463&expires=7&user_group=5&ssp=lkqd&bsw_param=bbf65c79-5a3d-4c62-8b49-a15869f868fa
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dbbf65c79-5a3d-4c62-8b49-a15869f868fa%26redi...
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dbbf65c79-5a3d-4c62-8b49-a15869f868fa
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa

43 B
402 B

116ms
115ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=46&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
location: //cs.lkqd.net/cs?partnerId=46&partnerUserId=bbf65c79-5a3d-4c62-8b49-a15869f868fa
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=15aa95cb-2071-42bd-bde1-4f9ee752e36d

43 B
401 B

109ms
109ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=15aa95cb-2071-42bd-bde1-4f9ee752e36d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=15aa95cb-2071-42bd-bde1-4f9ee752e36d
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 203

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=

43 B
308 B

119ms
119ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:46 GMT
server: Apache-Coyote/1.1
location: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030003_60a64c61efdec&knw=0
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c61efdec

43 B
391 B

109ms
109ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c61efdec
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c61efdec
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://media.sabio.us/imp_pixel?invsrc=11&secure=1
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3519514776392745427

43 B
390 B

107ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3519514776392745427
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=3519514776392745427
date: Thu, 20 May 2021 11:47:45 GMT
server: Apache/2.4.23 (Unix)
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMYQABKiffdAA4
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMYQABKiffdAA4&_test=YKZMYQABKiffdAA4

43 B
389 B

112ms
112ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMYQABKiffdAA4&_test=YKZMYQABKiffdAA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:46 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1621511266.045173,VS0,VE0
x-served-by: cache-fra19138-FRA
x-cache: HIT
location: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMYQABKiffdAA4&_test=YKZMYQABKiffdAA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=v0OIbcn04veC&ev=1&pid=561322

43 B
385 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=v0OIbcn04veC&ev=1&pid=561322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=v0OIbcn04veC&ev=1&pid=561322
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-686fd4fb4c-g94hc
expires: -1

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame D51D 35 B
371 B 17ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame D51D 43 B
430 B 132ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:46 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame D51D 42 B
614 B 125ms
32ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:46 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_2f13f168-5838-42f5-8ddd-fb3a8e07048b

43 B
404 B

109ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_2f13f168-5838-42f5-8ddd-fb3a8e07048b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_2f13f168-5838-42f5-8ddd-fb3a8e07048b
date: Thu, 20 May 2021 11:47:46 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
alt-svc: clear
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ

43 B
398 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ScPsOp4aQoBLCdONZ5txYCV4iZQ
Date: Thu, 20 May 2021 11:47:46 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288

43 B
389 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8712104939489290288
pragma: no-cache
date: Thu, 20 May 2021 11:47:45 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUser...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partn...
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348

43 B
411 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame D51D 0
88 B 110ms
108ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

204

/
loadm.exelator.com/load/ Frame D51D
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/b467150e-e027-4f6b-a079-acaa6700cfac/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=445&dpuuid=b467150e-e027-4f6b-a079-acaa6700cfac?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
https://tags.bluekai.com/site/5379?id=b467150e-e027-4f6b-a079-acaa6700cfac&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
https://loadm.exelator.com/load/?p=204&g=281&buid=b467150e-e027-4f6b-a079-acaa6700cfac&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

0
324 B

20ms
20ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=281&buid=b467150e-e027-4f6b-a079-acaa6700cfac&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:46 GMT
server: Apache-Coyote/1.1
location: https://loadm.exelator.com/load/?p=204&g=281&buid=b467150e-e027-4f6b-a079-acaa6700cfac&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 451 464986.gif
idsync.rlcdn.com/ Frame D51D 0
42 B 31ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=j9KPKhZllhw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=ajlLUEtoWmxsaHc
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=ajlLUEtoWmxsaHc&google_tc=
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKzEY9mwtzyJHJz6A6AXee4&google_cver=1

43 B
398 B

109ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKzEY9mwtzyJHJz6A6AXee4&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEKzEY9mwtzyJHJz6A6AXee4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b30&u=j9KPKhZllhw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
https://s.tribalfusion.com/z/i.match?p=b30&u=j9KPKhZllhw&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185288781919

0
0

GET
H2 200 NXST
c.deployads.com/cs/ Frame D51D 43 B
285 B 43ms
41ms Image
image/gif 52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=j9KPKhZllhw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:46 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame D51D
Redirect Chain

https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=j9KPKhZllhw&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0

43 B
402 B

112ms
112ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:46 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bcd1163a-d09a-4f6d-96ab-c286d37325f0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 400 lkqd
event.clientgear.com/cookie/ Frame D51D 0
0 505ms
504ms Image
text/html 47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=j9KPKhZllhw&uid={ymcookie}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 165ms
154ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 46ms
42ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=821161003&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C40303338600159062081486371616%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:45 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000292
X-SpotX-Timing-SpotMarket: 0.010329
X-SpotX-Timing-Page-Mux: 0.001781
X-SpotX-Timing-Page-Require: 0.000424
X-fe: 136
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000033
Content-Length: 77
X-SpotX-Timing-Page: 0.017036
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000332
Last-Modified: Thu, 20 May 2021 11:47:45 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.010329
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.003834
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=834358577&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3103bfc3-b961-11eb-b443-02b90c27b1e5?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff

227 B
1 KB

23ms
21ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:46 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2063845834&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=22...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3112f192-b961-11eb-8099-06dba23ddddc?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c

227 B
1 KB

31ms
23ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:46 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1226889538&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&p...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff

227 B
1 KB

21ms
20ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:46 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-djjyqw5E2p7z1wy_egYQameTRnNjqBZF9wTo~A&_origin=0&nsync=1&apid=VA307393dd-b961-11eb-8ad4-068489b665ff
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=331234367&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA30879885-b961-11eb-a92c-0289a724f814?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-DyP1UklE2p5Ip3KGCQQunCdE7FSNhFYmZvTz~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-DyP1UklE2p5Ip3KGCQQunCdE7FSNhFYmZvTz~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c

227 B
1 KB

24ms
23ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-DyP1UklE2p5Ip3KGCQQunCdE7FSNhFYmZvTz~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:46 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-DyP1UklE2p5Ip3KGCQQunCdE7FSNhFYmZvTz~A&_origin=0&nsync=1&apid=VA3073c1c9-b961-11eb-b183-021cb587458c
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1701371096&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA3073c1c9-b961-11eb-b183-021cb587458c?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-dNauiaxE2p5w2T0gKm7C_AUUg.NAWju7gTb3~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-dNauiaxE2p5w2T0gKm7C_AUUg.NAWju7gTb3~A&_origin=0&nsync=1&apid=VA3103bfc3-b961-11eb-b443-02b90c27b1e5

227 B
1 KB

25ms
24ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-dNauiaxE2p5w2T0gKm7C_AUUg.NAWju7gTb3~A&_origin=0&nsync=1&apid=VA3103bfc3-b961-11eb-b443-02b90c27b1e5

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:46 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:46 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-dNauiaxE2p5w2T0gKm7C_AUUg.NAWju7gTb3~A&_origin=0&nsync=1&apid=VA3103bfc3-b961-11eb-b443-02b90c27b1e5
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 136ms
132ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:45 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1005 B
882 B 30ms
26ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C13909852044030333860015906208%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: f65905203f5b868c5c642ce5d3b792850a1514652ad1f3a41edacd9894d0a5ff

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:45 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 617
expires: Thu, 20 May 2021 11:47:45 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 111ms
111ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:46 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:46 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame B326 0
170 B 132ms
131ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:46 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame B326 0
170 B 114ms
113ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:46 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 113ms
113ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=75457478&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: 13e4449876829cd0bc3b62afd7a648d3fa9c520c805d1a5e7ac73c2dde588d76

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:46 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1377

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame F113 230 KB
61 KB 20ms
20ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:47 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511267.cds151.fr8.hn,1621511267.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame AF6B 4 KB
2 KB 20ms
20ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: lkqdidts=1621511265; lkqdid=j9KPKhZllhw; sr99=1||1621511265; sr55=1||1621511265; sr93=1|ScPsOp4aQoBLCdONZ5txYCV4iZQ|1621511266; sr94=1|8712104939489290288|1621511266; sr22=1|15aa95cb-2071-42bd-bde1-4f9ee752e36d|1621511266; sr25=1|03030003_60a64c61efdec|1621511266; sr39=1|3519514776392745427|1621511266; sr52=1|YKZMYQABKiffdAA4|1621511266; sr102=1|bcd1163a-d09a-4f6d-96ab-c286d37325f0|1621511266; sr12=1|bbf65c79-5a3d-4c62-8b49-a15869f868fa|1621511266; sr90=1|4c_2f13f168-5838-42f5-8ddd-fb3a8e07048b|1621511266; sr43=1|bbf65c79-5a3d-4c62-8b49-a15869f868fa|1621511266; sr7=1|RX-c5874a6e-c7f3-4197-86d9-991956a03dff-003|1621511266; sr59=1|CAESEKzEY9mwtzyJHJz6A6AXee4|1621511266; sr53=1|v0OIbcn04veC|1621511266; sr46=1|bbf65c79-5a3d-4c62-8b49-a15869f868fa|1621511266; sr97=1|928c58db-ba27-4e54-811d-e2ee97a93c7b-60a64c62-4348|1621511266
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:47 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511267.cds151.fr8.hn,1621511267.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame F113 72 KB
6 KB 254ms
253ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=75457478&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ddd67e1276896a79e0f299ee53639f1b3d8b25437431abe68f02e4f39dada1bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:47 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5132

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 324ms
324ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=75457478&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:47 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame AF6B 42 B
614 B 37ms
33ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:47 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

400

cs
cs.lkqd.net/ Frame AF6B
Redirect Chain

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
https://a.tribalfusion.com/i.match?p=b30&u=j9KPKhZllhw&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288781919

0
237 B

108ms
107ms

Image
text/plain

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288781919
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:47 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:47 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 173
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6525550c4ab84ab5-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288781919
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b337bab00004ab54cbd8000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame AF6B 43 B
430 B 43ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:47 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame AF6B 35 B
210 B 10ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:47 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame AF6B 0
88 B 113ms
112ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

POST
H2 200 t Show response
t.lkqd.net/ Frame 5290 0
170 B 110ms
110ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:47 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:47 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame F113 0
88 B 123ms
109ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

cs
cs.lkqd.net/ Frame F113
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=

43 B
308 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:47 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:47 GMT
server: Apache-Coyote/1.1
location: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=b467150e-e027-4f6b-a079-acaa6700cfac&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

genericusersync.ashx
sync.tidaltv.com/ Frame F113
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=b467150e-e027-4f6b-a079-acaa6700cfac&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266

42 B
327 B

33ms
32ms

Image
image/gif

2a05:d018:24:b002:ebbe:4057:3491:6f67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.tidaltv.com/genericusersync.ashx?dpid=1266

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:24:b002:ebbe:4057:3491:6f67 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:47 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
server: Apache-Coyote/1.1
content-type: image/gif
x-xss-protection: 1; mode=block
expires: 0

Redirect headers

date: Thu, 20 May 2021 11:47:47 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
content-length: 77
x-amz-cf-id: _Ce2D1pgZpjbV1hUJM9_Q29n56N8OwMcb4X2Kfn3qTtZChf7Ph2ouQ==

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame F113 35 B
210 B 17ms
7ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:47 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame F113 43 B
430 B 50ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:47 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame F113 42 B
614 B 39ms
32ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:47 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 400 lkqd
event.clientgear.com/cookie/ Frame F113 0
0 112ms
102ms Image
text/html 47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=j9KPKhZllhw&uid={ymcookie}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 126ms
117ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:47 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 63ms
56ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=915075832&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763658832211%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:47 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000744
X-SpotX-Timing-SpotMarket: 0.014408
X-SpotX-Timing-Page-Mux: 0.002549
X-SpotX-Timing-Page-Require: 0.000750
X-fe: 004
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000044
Content-Length: 77
X-SpotX-Timing-Page: 0.025706
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000681
Last-Modified: Thu, 20 May 2021 11:47:47 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.014408
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.006514
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763...
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C36367102947319...
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg4YTgxYjQtYzkyMi02YTEwLTZkNmMtYmI5YzZkYjBhMjhj

0
0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=642947417&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=642947417&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=5656...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1&apid=UP32c305da-b961-11eb-bd50-0622eae3f606

227 B
1 KB

42ms
22ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1&apid=UP32c305da-b961-11eb-bd50-0622eae3f606

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:48 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:47 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-JhXAuiZE2p6tksXhIvNfziW1_PT4lOjjcTf1~A&_origin=0&nsync=1&apid=UP32c305da-b961-11eb-bd50-0622eae3f606
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2094912092&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=22...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2094912092&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

50ms
20ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:48 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:47 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-zCJMoIlE2p7YcgSkmNICXYRbKu.G1nUJrdcW~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=342308393&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=342308393&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.wid...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1&apid=UP32c353bf-b961-11eb-bc4d-06ae1a11dd7e

227 B
1 KB

53ms
20ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1&apid=UP32c353bf-b961-11eb-bc4d-06ae1a11dd7e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:48 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:47 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-m0OeXWVE2p4B7Zw1NYkGcczVhrVuxXtnSZ22~A&_origin=0&nsync=1&apid=UP32c353bf-b961-11eb-bc4d-06ae1a11dd7e
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=898011742&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=898011742&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&sc...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

21ms
20ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:48 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:48 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1081693236&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1081693236&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.h...
https://pr-bh.ybp.yahoo.com/sync/adtech/VA307393dd-b961-11eb-8ad4-068489b665ff?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1&verify=true
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1&apid=UP32c2b769-b961-11eb-8fe6-06a224eca24a

227 B
1 KB

20ms
20ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1&apid=UP32c2b769-b961-11eb-8fe6-06a224eca24a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:47 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:47 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-tWpQVStE2p47vjwsQDRKLY_3DFAo2DxL2EHB~A&_origin=0&nsync=1&apid=UP32c2b769-b961-11eb-8fe6-06a224eca24a
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 140ms
133ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:46 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H2

200

av Show response
vidoomy-d.openx.net/v/1.0/
Redirect Chain

https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763...
https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C36367102947319...

48 B
248 B

86ms
86ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763905944764,,
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:47 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:47 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://vidoomy-d.openx.net/v/1.0/av?cc=1&auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=886236449&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3636710294731955763905944764,,
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:48 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 5290 0
272 B 120ms
120ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 5290 0
272 B 123ms
123ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:48 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 115ms
114ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=90665081&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: aee4c68670a53c7d36415fb89670deb3b81e76799e790ce564ee40bd53ae8580

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:48 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1380

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame E033 230 KB
61 KB 21ms
20ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:48 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511268.cds151.fr8.hn,1621511268.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame B916 4 KB
2 KB 20ms
20ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: lkqdidts=1621511268; lkqdid=qu_UChsShAo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:48 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511268.cds151.fr8.hn,1621511268.cds226.fr8.c
access-control-allow-origin: *

POST
H2 200 ad Show response
v.lkqd.net/ Frame E033 93 KB
7 KB 136ms
136ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=90665081&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: b56ebee7acc9acccb9f8a7858a612a1a7120a7e5142bf22cd3d210cd4f7d8aca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6723

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=90665081&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:48 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

GET
H2

451

464986.gif
idsync.rlcdn.com/ Frame B916
Redirect Chain

https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
https://idsync.rlcdn.com/464986.gif?partner_uid=qu_UChsShAo

0
42 B

26ms
25ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=qu_UChsShAo
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 20 May 2021 11:47:48 GMT
server: nginx
location: https://idsync.rlcdn.com/464986.gif?partner_uid=qu_UChsShAo
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame B916
Redirect Chain

https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=qu_UChsShAo&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0

43 B
402 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:49 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2

200

NXST
c.deployads.com/cs/ Frame B916
Redirect Chain

https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
https://c.deployads.com/cs/NXST?b=qu_UChsShAo

43 B
284 B

37ms
37ms

Image
image/gif

52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=qu_UChsShAo
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Thu, 20 May 2021 11:47:48 GMT
server: nginx
location: https://c.deployads.com/cs/NXST?b=qu_UChsShAo
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame B916
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664

43 B
390 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:48 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664
pragma: no-cache
date: Thu, 20 May 2021 11:47:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

cs
cs.lkqd.net/ Frame B916
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ

43 B
398 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ
Date: Thu, 20 May 2021 11:47:48 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 1AA2 0
170 B 111ms
109ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=

43 B
308 B

107ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
server: Apache-Coyote/1.1
location: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

204

/
loadm.exelator.com/load/ Frame E033
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/42145d48-f16a-4cf0-96a2-87ec9ed1cbee/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=445&dpuuid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
https://tags.bluekai.com/site/5379?id=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

0
324 B

22ms
22ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
server: Apache-Coyote/1.1
location: https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame E033 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame E033 43 B
430 B 46ms
45ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:49 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame E033 42 B
614 B 35ms
34ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=161
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ

43 B
398 B

111ms
110ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eS7-UnPgQWRWj2qD77kZQiV4iZQ
Date: Thu, 20 May 2021 11:47:49 GMT
Connection: keep-alive
Content-Length: 104
Content-Type: text/html; charset=utf-8

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://ad.turn.com/r/cs?pid=65
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664

43 B
390 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3163667999545583664
pragma: no-cache
date: Thu, 20 May 2021 11:47:48 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame E033 0
88 B 112ms
110ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://sync.1rx.io/usersync2/lkqd
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2969674725
https://sync.1rx.io/usersync/tradedesk/5512846e-bcba-4197-b122-7912e75eb50e
https://sync.targeting.unrulymedia.com/csync/RX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D7%26partnerUserId%3DRX-14285006-9f45-4d02-b5c4-d4ac3ea206...
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003

43 B
406 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=7&partnerUserId=RX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003
date: Thu, 20 May 2021 11:47:49 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX142850069f454d02b5c4d4ac3ea206ca003
content-type: text/html

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://x.bidswitch.net/sync?ssp=lkqd
https://x.bidswitch.net/ul_cb/sync?ssp=lkqd
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlkqd%26expires%3D30%26user_group%3D%24%7BU...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dlkqd%26expires%3D30%26user_group%3D%24%7BU...
https://x.bidswitch.net/sync?dsp_id=429&user_id=a0b51c11-e555-518c-a123-c9ddc18585b8&ssp=lkqd&expires=30&user_group=1
https://cs.lkqd.net/cs?partnerId=12&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Dfe994ebe-b114-4f08-a346-1fe5094d61b2%26redi...
https://cs.lkqd.net/cs?partnerId=43&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Dfe994ebe-b114-4f08-a346-1fe5094d61b2
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2

43 B
401 B

129ms
129ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=46&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
location: //cs.lkqd.net/cs?partnerId=46&partnerUserId=fe994ebe-b114-4f08-a346-1fe5094d61b2
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=5512846e-bcba-4197-b122-7912e75eb50e

43 B
401 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=5512846e-bcba-4197-b122-7912e75eb50e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.lkqd.net/cs?partnerId=22&partnerUserId=5512846e-bcba-4197-b122-7912e75eb50e
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 203

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030002_60a64c6528549&knw=0
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c6528549

43 B
391 B

110ms
110ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c6528549
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-allow-origin: *
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
location: https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030002_60a64c6528549
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://media.sabio.us/imp_pixel?invsrc=11&secure=1
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=4506489259793383308

43 B
390 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=4506489259793383308
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=39&partnerUserId=4506489259793383308
date: Thu, 20 May 2021 11:47:49 GMT
server: Apache/2.4.23 (Unix)
content-length: 257
content-type: text/html; charset=iso-8859-1

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMZQABKaARjgA4
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMZQABKaARjgA4&_test=YKZMZQABKaARjgA4

43 B
389 B

108ms
107ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMZQABKaARjgA4&_test=YKZMZQABKaARjgA4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1621511269.345493,VS0,VE0
x-served-by: cache-fra19138-FRA
x-cache: HIT
location: https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMZQABKaARjgA4&_test=YKZMZQABKaARjgA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=QrSP8scRswXR&ev=1&pid=561322

43 B
386 B

109ms
109ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=QrSP8scRswXR&ev=1&pid=561322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://cs.lkqd.net/cs?partnerId=53&partnerUserId=QrSP8scRswXR&ev=1&pid=561322
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-686fd4fb4c-twtmv
expires: -1

GET
H2 451 464986.gif
idsync.rlcdn.com/ Frame E033 0
42 B 25ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464986.gif?partner_uid=qu_UChsShAo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=cXVfVUNoc1NoQW8
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENSXdxoJp1uFzXPMCeTejgw&google_cver=1

43 B
398 B

111ms
109ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENSXdxoJp1uFzXPMCeTejgw&google_cver=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESENSXdxoJp1uFzXPMCeTejgw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

i.match
s.tribalfusion.com/z/ Frame E033
Redirect Chain

https://a.tribalfusion.com/i.match?p=b30&u=qu_UChsShAo&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
https://s.tribalfusion.com/z/i.match?p=b30&u=qu_UChsShAo&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24

0
0

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5abfd22e-e72c-4fcd-8e8b-6301405c84ca

43 B
403 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5abfd22e-e72c-4fcd-8e8b-6301405c84ca
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

location: https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_5abfd22e-e72c-4fcd-8e8b-6301405c84ca
date: Thu, 20 May 2021 11:47:49 GMT
via: 1.1 google
server: WildFly/10
x-powered-by: Undertow/1
alt-svc: clear
content-length: 0

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118
https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUser...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partn...
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348

43 B
411 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
via: 1.1 google
server: Jetty(9.4.36.v20210114)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://cs.lkqd.net/cs?partnerId=97&partnerUserId=f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348
alt-svc: clear
content-length: 0

GET
H2 200 NXST
c.deployads.com/cs/ Frame E033 43 B
284 B 36ms
36ms Image
image/gif 52.30.95.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.deployads.com/cs/NXST?b=qu_UChsShAo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
cache-control: no-cache
server: SortableCactus/1.0
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

cs
cs.lkqd.net/ Frame E033
Redirect Chain

https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=qu_UChsShAo&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0

43 B
402 B

108ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 20 May 2021 11:47:49 GMT
Server: nginx
Transfer-Encoding: chunked
Location: https://cs.lkqd.net/cs?partnerId=102&partnerUserId=0948d5c6-e961-4d18-943a-a59bb26a4fd0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 400 lkqd
event.clientgear.com/cookie/ Frame E033 0
0 202ms
202ms Image
text/html 47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=qu_UChsShAo&uid={ymcookie}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 125ms
119ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:49 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 52ms
48ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=1426333600&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C83294327965832855251451566479%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000312
X-SpotX-Timing-SpotMarket: 0.012472
X-SpotX-Timing-Page-Mux: 0.002437
X-SpotX-Timing-Page-Require: 0.000504
X-fe: 030
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000028
Content-Length: 77
X-SpotX-Timing-Page: 0.021060
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000576
Last-Modified: Thu, 20 May 2021 11:47:49 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.012472
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.004716
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tag Show response
4cywq-eqnre.ads.tremorhub.com/ad/ 119 B
463 B 415ms
220ms XHR
text/xml 2600:1f18:612b:4200:dadf:a359:f0cd:5654
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C17816318208329432796583285525%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:dadf:a359:f0cd:5654 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
content-encoding: gzip
server: Apache-Coyote/1.1
vary: accept-encoding
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-tremorvideo-status: NO_AD
content-type: text/xml;charset=UTF-8

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
248 B 118ms
111ms XHR
text/xml 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=105370352&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C83294327965832855251622310996,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=674399562&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=674399562&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=5656...
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

56ms
55ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1420329705&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a...
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHZZQf70KjSEs=?cb=1420329705&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&a.ip=37.120.137.148&a.ua=...
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

66ms
66ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1685083178&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=22...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1685083178&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi...
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

26ms
25ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1717271722&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&p...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=1717271722&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.wi...
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

38ms
20ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1028276186&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1028276186&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&s...
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

22ms
22ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1

200
OK

sync Show response
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2038623958&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2038623958&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.h...
https://pr-bh.ybp.yahoo.com/sync/adtech/UP32c3c8fb-b961-11eb-af25-02855fc39000?gdpr=1&gdpr_consent=&nsync=1
https://pixel.advertising.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

227 B
1 KB

22ms
22ms

XHR
text/xml

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Strict-Transport-Security: max-age=31536000
Server: ATS/7.1.2.128
Age: 0
Vary: Origin
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked

Redirect headers

date: Thu, 20 May 2021 11:47:49 GMT
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-URwyG5BE2p72MXpTc6ZQgD7Vi8f2LskGoTyY~A&_origin=0&nsync=1&apid=UP32c3c8fb-b961-11eb-af25-02855fc39000
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: null
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
content-length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 131ms
128ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:48 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1004 B
882 B 39ms
36ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8757556648329432796583285525%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ecfb1be121d04d3335b1d2acf4eb001bc83d1c7d303de803cd1cabd71075ef6d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:49 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 617
expires: Thu, 20 May 2021 11:47:49 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 109ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:49 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 1AA2 0
170 B 133ms
133ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 1AA2 0
170 B 137ms
137ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:49 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H2 200 ad Show response
v.lkqd.net/ Frame 5292 2 KB
2 KB 113ms
112ms XHR
application/xml 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=6138523&m=
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: d2efb605dfe04529464fb5a698c789daf60cc91425c5bacdfebc3bcd06114f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: nginx
content-type: application/xml; charset=UTF-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1380

GET
H2 200 vpaid.js Show response
ad.lkqd.net/vpaid/ Frame 19C7 230 KB
61 KB 21ms
20ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
last-modified: Mon, 10 May 2021 16:09:54 GMT
etag: "18431b5d583ab7507824ab63424fc76a"
x-hw: 1621511270.cds151.fr8.hn,1621511270.cds107.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1209600
accept-ranges: bytes
content-length: 62012

GET
H2 200 usync.html Show response
ad.lkqd.net/cookie-sync/ Frame 141B 4 KB
2 KB 20ms
19ms Document
text/html 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.lkqd.net/cookie-sync/usync.html
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method: GET
:authority: ad.lkqd.net
:scheme: https
:path: /cookie-sync/usync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: lkqdidts=1621511268; lkqdid=qu_UChsShAo; sr55=1||1621511268; sr99=1||1621511268; sr93=1|eS7-UnPgQWRWj2qD77kZQiV4iZQ|1621511269; sr102=1|0948d5c6-e961-4d18-943a-a59bb26a4fd0|1621511269; sr94=1|3163667999545583664|1621511269; sr59=1|CAESENSXdxoJp1uFzXPMCeTejgw|1621511269; sr25=1|03030002_60a64c6528549|1621511269; sr22=1|5512846e-bcba-4197-b122-7912e75eb50e|1621511269; sr39=1|4506489259793383308|1621511269; sr52=1|YKZMZQABKaARjgA4|1621511269; sr53=1|QrSP8scRswXR|1621511269; sr7=1|RX-14285006-9f45-4d02-b5c4-d4ac3ea206ca-003|1621511269; sr90=1|4c_5abfd22e-e72c-4fcd-8e8b-6301405c84ca|1621511269; sr97=1|f6d2e308-ad07-4b59-810c-70feba95f015-60a64c65-4348|1621511269; sr12=1|fe994ebe-b114-4f08-a346-1fe5094d61b2|1621511269; sr43=1|fe994ebe-b114-4f08-a346-1fe5094d61b2|1621511269; sr46=1|fe994ebe-b114-4f08-a346-1fe5094d61b2|1621511269
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
content-length: 1828
content-type: text/html
last-modified: Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges: bytes
etag: "27034f886617b8db418f17a7a29a7e50"
cache-control: public, max-age=1209600
x-hw: 1621511270.cds151.fr8.hn,1621511270.cds226.fr8.c
access-control-allow-origin: *

OPTIONS
H2 200 ad
v.lkqd.net/ Frame 0
0 107ms
107ms Preflight 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=6138523&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol: H2
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:50 GMT
content-length: 0
access-control-allow-origin: https://www.eotimedopovo.com.br
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true

POST
H2 200 ad Show response
v.lkqd.net/ Frame 19C7 78 KB
6 KB 138ms
138ms XHR
application/json 146.20.132.205
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=6138523&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.205 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: ddee04a42d1cb946104b06b16db3514a87d3ad6606eb5633907e28be5971769b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: nginx
content-type: application/json
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 5568

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame 141B 42 B
614 B 35ms
34ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:50 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame 141B 43 B
430 B 43ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:50 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 141B 35 B
210 B 10ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

400

cs
cs.lkqd.net/ Frame 141B
Redirect Chain

https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
https://a.tribalfusion.com/i.match?p=b30&u=qu_UChsShAo&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288432215

0
237 B

109ms
108ms

Image
text/plain

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288432215
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:50 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 50
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 65255520be604ab5-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185288432215
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b33887400004ab532851000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame 141B 0
88 B 110ms
109ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ad.lkqd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

POST
H2 200 t Show response
t.lkqd.net/ Frame 71D4 0
170 B 110ms
110ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:50 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 108ms
108ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

GET
H2

200

cs
cs.lkqd.net/ Frame 19C7
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=

43 B
308 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:50 GMT
server: Apache-Coyote/1.1
location: https://cs.lkqd.net/cs?partnerId=23&partnerUserId=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 19C7 35 B
210 B 10ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:50 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK lkq
match.prod.bidr.io/cookie-sync/ Frame 19C7 43 B
430 B 43ms
42ms Image
image/gif 52.19.106.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/lkq

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.106.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:50 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cm
p.rfihub.com/ Frame 19C7 42 B
614 B 33ms
32ms Image
image/gif 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?pub=35678&in=1
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:50 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK CookieSyncLKQD
rtb.adentifi.com/ Frame 19C7 0
88 B 109ms
108ms Image
text/plain 52.45.128.104
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncLKQD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.128.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H2

204

/
loadm.exelator.com/load/ Frame 19C7
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/42145d48-f16a-4cf0-96a2-87ec9ed1cbee/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=445&dpuuid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
https://tags.bluekai.com/site/5379?id=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=

0
324 B

20ms
20ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:51 GMT
server: Apache-Coyote/1.1
location: https://loadm.exelator.com/load/?p=204&g=281&buid=42145d48-f16a-4cf0-96a2-87ec9ed1cbee&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2

200

cs
cs.lkqd.net/ Frame 19C7
Redirect Chain

https://a.tribalfusion.com/i.match?p=b30&u=qu_UChsShAo&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185288432210

43 B
390 B

109ms
108ms

Image
image/gif

146.20.132.67
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185288432210
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.67 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:50 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 223
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6525552188e64ab5-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185288432210
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a2b3388f100004ab5e7aa0000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 400 lkqd
event.clientgear.com/cookie/ Frame 19C7 0
0 105ms
105ms Image
text/html 47.252.78.131
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=qu_UChsShAo&uid={ymcookie}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 / Show response
adx.adform.net/adx/ 65 B
654 B 115ms
114ms XHR
text/xml 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?mid=970530&t=2&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php

Requested by

Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 173
pragma: no-cache
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 218947 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 44ms
44ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=880785253&player_width=400&player_height=225&media_transcoding=low&ip_addr=37.120.137.148&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=47.3925&device[geo][lon]=8.4546&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C480721688700477806758246304%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:50 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000356
X-SpotX-Timing-SpotMarket: 0.010917
X-SpotX-Timing-Page-Mux: 0.001493
X-SpotX-Timing-Page-Require: 0.000446
X-fe: 116
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000029
Content-Length: 77
X-SpotX-Timing-Page: 0.017669
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000494
Last-Modified: Thu, 20 May 2021 11:47:50 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.010917
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc: 0.003920
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 av Show response
vidoomy-d.openx.net/v/1.0/ 48 B
248 B 83ms
82ms XHR
text/xml 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&cb=511828115&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C48072168870047780672046346648,,
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1602890011&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1602890011&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=565...

249 B
1 KB

197ms
197ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1602890011&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=2685b864-446b-4ce7-906e-91c93fc73409&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My42NTYyNTA6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTI2ODViODY0LTQ0NmItNGNlNy05MDZlLTkxYzkzZmM3MzQwOQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1602890011&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=2685b864-446b-4ce7-906e-91c93fc73409&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My42NTYyNTA6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTI2ODViODY0LTQ0NmItNGNlNy05MDZlLTkxYzkzZmM3MzQwOQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=374777289&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=374777289&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi....

249 B
1 KB

199ms
198ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=374777289&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=b77cdb3a-8f0d-4766-9da0-954f2e275471&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My44MjY0MTY6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWI3N2NkYjNhLThmMGQtNDc2Ni05ZGEwLTk1NGYyZTI3NTQ3MQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=374777289&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=b77cdb3a-8f0d-4766-9da0-954f2e275471&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My44MjY0MTY6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWI3N2NkYjNhLThmMGQtNDc2Ni05ZGEwLTk1NGYyZTI3NTQ3MQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM= Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2134638520&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&p...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2134638520&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.wi...

249 B
1 KB

208ms
208ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2134638520&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=237a712c-e794-4fbd-b541-1652ff72a8d1&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1Mi4zODUyNTQ6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTIzN2E3MTJjLWU3OTQtNGZiZC1iNTQxLTE2NTJmZjcyYThkMQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+rBJnqbGxDqsAEHMK88FGSM=?cb=2134638520&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=237a712c-e794-4fbd-b541-1652ff72a8d1&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1Mi4zODUyNTQ6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPTIzN2E3MTJjLWU3OTQtNGZiZC1iNTQxLTE2NTJmZjcyYThkMQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=239700927&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=239700927&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&sc...

249 B
1 KB

198ms
197ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=239700927&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=d17afaef-aaa4-4973-91e3-c6d0d1539e31&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My4xNzI4NTI6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWQxN2FmYWVmLWFhYTQtNDk3My05MWUzLWM2ZDBkMTUzOWUzMQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=239700927&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=d17afaef-aaa4-4973-91e3-c6d0d1539e31&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1My4xNzI4NTI6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPWQxN2FmYWVmLWFhYTQtNDk3My05MWUzLWM2ZDBkMTUzOWUzMQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

88k_nHSg_6XSp1263gyM+iSSVC+nZNMH Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=34594151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi...
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=34594151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.hei...

249 B
1 KB

212ms
212ms

XHR
text/xml

18.185.202.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=34594151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=8e45c2e5-2edb-4ed1-95fc-bfe28c66c65e&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1Mi44Njk2Mjk6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPThlNDVjMmU1LTJlZGItNGVkMS05NWZjLWJmZTI4YzY2YzY1ZQ==
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.202.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.eotimedopovo.com.br
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=34594151&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=8e45c2e5-2edb-4ed1-95fc-bfe28c66c65e&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI3MDY1Mi44Njk2Mjk6YXBpZD1VUDMyYzNjOGZiLWI5NjEtMTFlYi1hZjI1LTAyODU1ZmMzOTAwMDptaWdyYXRlZDJ5PSIxIjpyZXF1ZXN0X2lkPThlNDVjMmU1LTJlZGItNGVkMS05NWZjLWJmZTI4YzY2YzY1ZQ==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK vtag Show response
vast.emxdgt.com/ 27 B
339 B 144ms
144ms XHR
application/xml 18.235.138.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.235.138.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-138-170.compute-1.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 20 May 2021 11:47:49 GMT
Content-Type: application/xml
Access-Control-Allow-Origin: https://www.eotimedopovo.com.br
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: security, Content-Type
Content-Length: 27

GET
H2 200 vadtag.html Show response
vpaid.pubmatic.com/ads/video/ 1004 B
883 B 28ms
27ms XHR
application/xml 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2Flogin.php&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C5813630924807216887004778067%2C%2C
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ff1f26d899fa47a7982bc2eb8bac0734c5b91f878fad00461e977d29b3a63ea0

Request headers

Referer: https://www.eotimedopovo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 May 2021 11:47:50 GMT
content-encoding: gzip
server: Apache/2.2.15 (CentOS)
etag: "461ced-23ca-5b1869b8fc7b9"
vary: Origin, Accept-Encoding
content-type: application/xml
access-control-allow-origin: https://www.eotimedopovo.com.br
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 618
expires: Thu, 20 May 2021 11:47:50 GMT

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

OPTIONS
H2 200 t
t.lkqd.net/ Frame 0
0 107ms
107ms Preflight
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Protocol: H2
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eotimedopovo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 20 May 2021 11:47:50 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS, POST
cache-control: max-age=300
access-control-max-age: 300
access-control-allow-origin: https://www.eotimedopovo.com.br

POST
H2 200 t Show response
t.lkqd.net/ Frame 71D4 0
170 B 169ms
169ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:51 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H2 200 t Show response
t.lkqd.net/ Frame 71D4 0
170 B 125ms
124ms XHR
text/plain 146.20.132.134
RACKSPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://t.lkqd.net/t
Requested by: Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.132.134 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.eotimedopovo.com.br
date: Thu, 20 May 2021 11:47:51 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s.po.st
URL: https://s.po.st/static/v4/post-widget.js

Domain: t.lkqd.net
URL: https://t.lkqd.net/t

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTQ2Mjc2MzktNWQxZS02NTcxLTdmMWItNjczOWE0MGFkODc1

Domain: cs.lkqd.net
URL: https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185288781919

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTg4YTgxYjQtYzkyMi02YTEwLTZkNmMtYmI5YzZkYjBhMjhj

Domain: s.tribalfusion.com
URL: https://s.tribalfusion.com/z/i.match?p=b30&u=qu_UChsShAo&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24

Verdicts & Comments Add Verdict or Comment

207 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lkqd.net/	1970-01-20 03:10:47	Name: sr102 Value: 1\|53527e69-d119-4164-8cbc-0aee8d6f033d\|1621511254
.lkqd.net/	1970-01-20 03:10:47	Name: sr90 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr80 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr76 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr59 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr53 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr52 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr45 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr23 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr93 Value: 1\|Z1MikquaSANsQQbyoLH5PSV4iZQ\|1621511254
.lkqd.net/	1970-01-20 03:10:47	Name: sr7 Value: 1\|\|1621511252
www.eotimedopovo.com.br/	1970-01-19 22:04:11	Name: hstpconfig Value: eyJJRCI6IjY3NDkyODY0dWk2MGE2NGM1MzEyMmZkIiwiQ1RSIjoiQ0giLCJSZWdpb24iOm51bGwsIkJyb3dzZXIiOiJDaHJvbWUiLCJQbGF0Zm9ybSI6IldpbmRvd3MiLCJNb2JpbGUiOjAsIkJvdCI6MCwicmVtb3RlX2FkZHIiOjYyODY1NjUzMiwiTGFzdFVwZGF0ZSI6MTYyMTUxMTI1MSwibm9jYWNoZSI6dHJ1ZX0%3D
.lkqd.net/	1970-01-20 03:10:47	Name: sr85 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr103 Value: 1\|\|1621511252
.vidoomy.com/	1970-01-20 03:10:47	Name: Bidoomy-Cookie Value: 9149b271df391a2ac56cb7864105aed7::::c75114ef-7e43-4254-a1fd-f3076364f650
.lkqd.net/	1970-01-20 03:10:47	Name: sr25 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr99 Value: 1\|\|1621511251
.lkqd.net/	1970-01-20 03:10:47	Name: sr86 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: lkqdid Value: vmtdWv1uu2U
.lkqd.net/	1970-01-20 03:10:47	Name: sr22 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr12 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: lkqdidts Value: 1621511251
.doubleclick.net/	1970-01-20 03:46:47	Name: IDE Value: AHWqTUlwc-Fq0gqXoP48uXSUbqQZqTPIN1hLUW7zHb2zVwwICurProf9bJOiQc9Y
.vidoomy.com/	1970-01-20 03:10:47	Name: vidoomy-uids Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6ImM3NTExNGVmLTdlNDMtNDI1NC1hMWZkLWYzMDc2MzY0ZjY1MCIsImV4cGlyZXMiOjE2MjQxMDMyNTJ9LCJDRU4iOnsidWlkIjoiMDE3Y2VjNzYtNThmMi00N2MzLWEyNGMtMmI2MjcyMTBhYWExLTYwYTY0YzUzLTQzNDgiLCJleHBpcmVzIjoxNjI0MTAzMjUxfX19
.youtube.com/	1970-01-19 22:44:23	Name: VISITOR_INFO1_LIVE Value: zIz8dXeNzUo
.lkqd.net/	1970-01-20 03:10:47	Name: sr55 Value: 1\|\|1621511251
.lkqd.net/	1970-01-20 03:10:47	Name: sr97 Value: 1\|\|1621511252
.eotimedopovo.com.br/	1970-01-19 18:25:11	Name: _gat_blogger Value: 1
.lkqd.net/	1970-01-20 03:10:47	Name: sr39 Value: 1\|\|1621511252
.eotimedopovo.com.br/	1970-01-19 18:25:11	Name: _gat Value: 1
.eotimedopovo.com.br/	1970-01-19 18:26:37	Name: _gid Value: GA1.3.1934913654.1621511251
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: X1FdlN8QKhQ
.lkqd.net/	1970-01-20 03:10:47	Name: sr6 Value: 1\|\|1621511252
.lkqd.net/	1970-01-20 03:10:47	Name: sr94 Value: 1\|2457259372858366305\|1621511251
.eotimedopovo.com.br/	1970-01-20 03:46:47	Name: __gads Value: ID=5d6deb9d9a030f82-228d86a545c80006:T=1621511251:RT=1621511251:S=ALNI_MaAcxkesfVEpBLBkmSogk9QEj1ENA
.eotimedopovo.com.br/	1970-01-20 11:56:23	Name: _ga Value: GA1.3.1000485672.1621511251

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
4cywq-eqnre.ads.tremorhub.com
a.tribalfusion.com
a.vidoomy.com
ad.a-ads.com
ad.lkqd.net
ad.turn.com
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.betweendigital.com
ads.creative-serving.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
adx.adform.net
ajax.googleapis.com
apis.google.com
bcp.crwdcntrl.net
bh.contextweb.com
c.deployads.com
cdn.simpleads.com.br
cdn.taboola.com
clevernt.com
cm.g.doubleclick.net
cms.quantserve.com
config.seedtag.com
connect.facebook.net
cs.krushmedia.com
cs.lkqd.net
d.t.tailtarget.com
d.tailtarget.com
d.turn.com
dpm.demdex.net
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googledrive.com
gu.dyntrk.com
idsync.rlcdn.com
inv-nets.admixer.net
lh4.googleusercontent.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
media.sabio.us
netdna.bootstrapcdn.com
nxd.adhaven.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
resources.blogblog.com
rtb.adentifi.com
rtb.vidoomy.com
s.po.st
s.tribalfusion.com
sb.scorecardresearch.com
search.spotxchange.com
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.lkqd.net
tags.bluekai.com
tpc.googlesyndication.com
ui.clevernt.com
ups.analytics.yahoo.com
v.lkqd.net
v3.denakop.com
vast.emxdgt.com
vidoomy-d.openx.net
vpaid.pubmatic.com
www.blogger.com
www.eotimedopovo.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
cm.g.doubleclick.net
cs.lkqd.net
s.po.st
s.tribalfusion.com
t.lkqd.net
104.18.135.145
13.248.242.197
142.250.186.98
143.204.202.38
146.0.227.107
146.20.132.134
146.20.132.205
146.20.132.67
148.69.64.109
151.101.14.49
151.139.128.11
172.217.23.98
176.9.125.108
18.185.202.111
18.195.105.17
18.198.69.109
18.235.138.170
184.30.21.112
185.29.135.227
185.94.180.123
193.0.160.129
198.148.27.140
199.232.137.44
2.18.233.180
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
213.19.147.45
23.111.200.118
23.45.99.241
2600:1f18:612b:4200:dadf:a359:f0cd:5654
2606:4700:10::6816:5a5
2606:4700:20::681a:a75
2606:4700::6812:acf
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:809::2009
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:4001:831::2013
2a00:1450:400c:c04::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:24:b002:ebbe:4057:3491:6f67
2a0b:4d07:102::1
3.126.56.137
3.129.250.65
3.222.79.98
3.64.28.223
34.102.185.99
34.107.184.81
34.98.64.218
35.201.123.184
35.227.248.159
35.244.174.68
37.157.2.236
47.252.78.131
51.178.20.140
52.19.106.86
52.208.103.128
52.26.62.110
52.28.189.33
52.30.95.9
52.45.128.104
52.59.28.101
54.175.198.118
54.93.84.136
63.33.31.50
66.155.71.149
8.2.110.134
0141af952b84b4739c59140b52dd7786e24cd2f5bfe642f55f29423bbe38a011
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
03c88eb5696a03dcaefb0b43e22fbdd56dffc0d53532c7974b21f49a23871d86
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
08136efb9006ad2902c3aa4929c29505257d51ba3b1b539fbb548a9b8622d52a
0938d24970f9a46f8846edf91d9a35b993b52c2c818bf075dab439563fc0f0f5
096abd9dd93ed6879a4454b0e7e80392462e97bbeeff715de8ea45a0577470d3
09b0a6bbfe4ca9d3cbb83b7c9131eac0e206a1ccf5677a2a2b60cb40552dd0b8
0c09a6e064d23cf9cf4a9cbbb412fdaa78af9ff0d454ece8d90edb5b6b50e889
0d62cdd589152a75cfb03d4a25e56f01f6567c4191b05841f4e8a3119cb51d3c
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
13e4449876829cd0bc3b62afd7a648d3fa9c520c805d1a5e7ac73c2dde588d76
1748aa0a0c5f30609118298e5e606f8cefb1a7be1452688311ff3e723f234c06
17802de0e3b1f61a23b67667f91e5eafe7440c4f4bff0d53b40dee5c2e1c4156
187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
28e7c5883213aac2724862e788fa2c79bcebc5708d2bbccc44ee0206bd54d484
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d903176d4df72e36c554fe65598e07df6e8b0b920cd9e37ee91d96389a44791
32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0
3450c74da5ae4511f7ad644c413d288a58004e65feec48af3f557c5529697069
37b76e964cec51d12bebc368c87ef93aeaff4fa9f50e59c15d8c0c735858f644
3cb805e1452f05907100e71730097c349d5b0d81a4043a28fe634402dd504445
3dd811a61d53070b2f1f915e3105cb4b3d1ee6b46353924818580f884b4640c2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
424bb50312a7bda2ea46dae4fdfa96d7da5aaf8ed4ff67f6f9dad505adafcf41
43d8848280c9ee08ea34ab6cfde5f048815bcfa9249b2eb7f1f2cf3f9effb930
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
498ae2c15750f30c083088a20d5288cc7f87fdb7fbdc6d17cc7fec8a79ecacfd
4a8ae4813a8c879c93419b0c36e3c48a12df46b3a90e4f1dfa438d6058b4919f
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
51b3c9d9127d7428daf3ca21e9144df48a301a63b5f71c64814bb2a1889926ec
51ec8a9af07a659ee548048f63d5a8124be94c229f42c9c689c625229b52da06
5366b35dd9b34d83a67c49c44700cba3261bd6464fdf9858076d9ebd2b5b11e4
5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
580a1f41879a53e50cce789d9d9a00d031e95092e309fa6fd515bac787ac3dc3
5905f0efb119491a6d8f8b0c16404bfd13cc2a0e503cd3d59adb2fccbd7497ac
5f814e8fa453efc6c00d80a117bc0a62e9d59e1f4672931ffcd93662a5aae9be
6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a
63f01adeb450e4b95d0cf41a7bbbffe8f2d89e74b96d3cd962e1a73faa4c0cbf
656178f80f84a0d02f39eb8389c3a4fed4368b97f4fce6e99d05d856c9e89ff9
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69d5bc71bfcac17012ba397dfded0ecfdc21ceeb32d4186291e4cb43b8e4351b
6ac5dc61ad3c547afd1e7eb3594daecd75ab2eda5e53a15c5fb52bb2c60ddd13
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
7690360c1661172aa4163ffd8c0ab3d12e027eb7bdeb88c03f755061230cc2a3
769f2d03ab40735029ce1999b9e4cecd25c7b761e720abebd1e9eebe67e933fe
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a05de7c3de0c9029a963830574fff9cc4a44e93f985d2f1aa2e680f211220af
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7fcb7fab78b1002ea0d6a251db92a8547846d27aaa5462d51c363e0c9e5929dc
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82c7eaa6c0baa8b047f2102792953ea321dccfd5fec703a73b74109b6a9c613d
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841c0859b5572d958f433f18a584bc19eac3563e0dcf59f063c989a2c0038fc4
84b8f881c32a27e38a867f814dcbed62b53cba436db5af8f6e6996a7dbc72129
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8a347e5d45a227945116befa8695aec5e8d8a93870aece9c86e0794f901a72e2
92cf2b47b93102ba83fdda9833ad4f08c94d6ab43a530b66cf1f33f3d019fe22
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
96a065c74ffed04f82d64b55126aaab408009f805847ada96deae585721b2d3f
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
986007c6e5ee35ac075b04c5eb0a766f9d5d744acb8f9e55122fd5aec690d94c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f3cfb4284c9ec32399e76f66a59f6b3f933a7ca3c82186ba1c9ff94f29f93b
9b740fc33c320c32f37ac69c8a49e3c8822ce660678814520069a3e7923c00e3
9eb8abd21cd55dccbf594f924fc021a47ad55572e0f621d5cb3fd587e9f668f8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa6f64afe08c79f1b8b57e3c12351ae44d505eecee4eb5ebc3b4e73b53335868
ab227ebdf30bbd3a5675a22cd849325c19c009cb3d5c821495440126697530bd
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee4c68670a53c7d36415fb89670deb3b81e76799e790ce564ee40bd53ae8580
af50123da38c80e4e0737f8316c4bcd4d68e0cbd2530f1e6fbbce7d4f78c32ea
b06bd7068003e4ef13d5a5b05cae66e683bcb6ed0d4353cd007c512d515ae70a
b56ebee7acc9acccb9f8a7858a612a1a7120a7e5142bf22cd3d210cd4f7d8aca
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b85a4142ab2bf326b0e8ccfe83b5e99ca7b8a4289f63970038f95fb8277cbdfc
bdbf705d2fc510c05e7eeade4be906d0ef13de78811377fa62ef433b943782cd
c14f735c3df6fdabd8141db6e874b741a3d20a4a803c04e33b83d7c7968c99de
c16739b2471c717348631363c3a7fe6a49c381d846696168e6945a0f96781df4
c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88
c5f87c038dc33c1d1ab152590063685cfed5ba198786cb34ff6ec5c98a2c1a9c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
cb5555c8a50b04289f393b2e30e222a650de72d3904705884870ff3713d9ed4b
cc790b61e027245b0291828bf1837696a7d9d80b13f4c64a4e7face29d33e4f1
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d02db114f4715fed03653bb222f980b53b4ac200bc8586973fa80c465a4f812f
d0e2aef40f6bad59a3c810e359295939c29be74da740770efebed27e8c999e3c
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d2efb605dfe04529464fb5a698c789daf60cc91425c5bacdfebc3bcd06114f9c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8af8cf5de7aa87ec386df39ffca261d170b944c507c9f858361a08714aafed1
dbe61ec8a3efdcd039ec02f99bf9a0a66e1c2ef4831a8e45d12cb4c736709a8d
dc22f6861c419b751b500e95107c786cbf5cb2bfffd160707cb269fe4c22521d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcfb44cae0148f8bdd3d5aeddd31810857710ba248d1205bb1e45e4d69e0d063
ddb17b35aa0a1e43ca7fe01c87acdeba4a316699d65d87e5f9a08fe0bae69fc3
ddd67e1276896a79e0f299ee53639f1b3d8b25437431abe68f02e4f39dada1bc
ddee04a42d1cb946104b06b16db3514a87d3ad6606eb5633907e28be5971769b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def6ab8798ab5146c8aa3a2329aa19a8b1246f1248173c11a58538ce0054c5fa
df7364a2023a3a39a1a85b0d626a358be73a6b0d4fe3267df12d560ada39d12d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563dbcbc7c21b60675a5e8c70be5f359867cbc648b39ab952740244b23dae1b
e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e930e2b6d8e6e7ea71a7ffe12a463062681a29bf2dee558836678be5b9c86a4c
e948298f43a300fecc4ff459ac39d29c2185d2420b963322c80f24c31db3eb70
ecfb1be121d04d3335b1d2acf4eb001bc83d1c7d303de803cd1cabd71075ef6d
ed517589dc87d6f2d729ed96b8ba953caa7b340e6b42ab8a8de33bb4334827ef
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
f0b65a3f0a7c8cbd05cba77ad8879bd37a50113379a4e8d87c8c89c68a084186
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
f65905203f5b868c5c642ce5d3b792850a1514652ad1f3a41edacd9894d0a5ff
f7d30cf07998d5d7873869f69199d740f49e01fb0e1a1cf1976c7809913b3a1a
fb150bc6490c6ce800e6320e8ca958dd709e038a66aee125f2a768cca1d24436
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
ff1f26d899fa47a7982bc2eb8bac0734c5b91f878fad00461e977d29b3a63ea0

www.eotimedopovo.com.br Open in urlscan Pro 2a00:1450:4001:831::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

492 Requests

99 %HTTPS

41 %IPv6

70 Domains

94 Subdomains

62 IPs

11 Countries

3955 kBTransfer

12349 kBSize

36 Cookies

6 Outgoing links

Redirected requests

492 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.eotimedopovo.com.br Open in urlscan Pro
2a00:1450:4001:831::2013 Public Scan

Screenshot
Live screenshot

Full Image

492
Requests

99 %
HTTPS

41 %
IPv6

70
Domains

94
Subdomains

62
IPs

11
Countries

3955 kB
Transfer

12349 kB
Size

36
Cookies

492 HTTP transactions
1 data transactions