urlscan.io logo urlscan.io
SecurityTrails logo

www.eotimedopovo.com.br Open in urlscan Pro
2a00:1450:4001:831::2013  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.eotimedopovo.com.br/
Submission Tags: krdtest
Submission: On May 20 via api from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 89 IPs in 11 countries across 88 domains to perform 463 HTTP transactions. The main IP is 2a00:1450:4001:831::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.eotimedopovo.com.br.
TLS certificate: Issued by GTS CA 1D4 on May 18th 2021. Valid for: 3 months.
This is the only time www.eotimedopovo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 199.232.137.44 54113 (FASTLY)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 5.9.10.165 24940 (HETZNER-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.129.250.65 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a0b:4d07:102::1 44239 (PROINITY ...)
3 2a00:1450:400... 15169 (GOOGLE)
3 172.217.23.98 15169 (GOOGLE)
1 35.201.123.184 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
2 8 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 11 143.204.202.85 16509 (AMAZON-02)
1 34.102.185.99 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.18.131.145 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
12 151.139.128.11 20446 (HIGHWINDS3)
7 184.30.21.112 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
7 7 66.155.71.150 13768 (COGECO-PEER1)
3 7 18.198.69.109 16509 (AMAZON-02)
6 6 35.227.248.159 15169 (GOOGLE)
2 54.93.84.136 16509 (AMAZON-02)
11 11 52.58.102.227 16509 (AMAZON-02)
10 10 142.250.186.66 15169 (GOOGLE)
1 1 50.112.11.19 16509 (AMAZON-02)
1 148.69.64.109 12353 (VODAFONE-...)
4 2a00:1450:400... 15169 (GOOGLE)
11 146.20.128.54 27357 (RACKSPACE)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 148.69.64.76 12353 (VODAFONE-...)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
17 66 146.20.128.47 27357 (RACKSPACE)
6 35.244.174.68 15169 (GOOGLE)
6 6 8.2.110.134 46636 (NATCOWEB)
6 52.30.95.9 16509 (AMAZON-02)
7 7 2001:678:cb4:... 56396 (TURN)
6 6 3.225.15.51 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
28 146.20.132.202 27357 (RACKSPACE)
3 2a00:1450:400... 15169 (GOOGLE)
1 24 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 3 34.107.184.81 15169 (GOOGLE)
5 193.0.160.129 54312 (ROCKETFUEL)
6 7 2606:4700::68... 13335 (CLOUDFLAR...)
8 8 52.49.40.147 16509 (AMAZON-02)
1 6 2620:116:800d... 16509 (AMAZON-02)
1 81.94.208.229 34587 (HLM2-AS)
4 52.207.62.93 14618 (AMAZON-AES)
3 3 213.19.147.45 3356 (LEVEL3)
2 2 35.210.53.219 19527 (GOOGLE-2)
5 5 13.248.242.197 16509 (AMAZON-02)
27 27 2a05:d018:24:... 16509 (AMAZON-02)
4 4 51.178.20.139 16276 (OVH)
2 2 3.233.119.20 14618 (AMAZON-AES)
4 4 2001:678:cb4:... 56396 (TURN)
4 4 18.203.106.177 16509 (AMAZON-02)
4 4 23.45.99.241 16625 (AKAMAI-AS)
5 5 151.101.14.49 54113 (FASTLY)
3 3 198.148.27.139 19189 (PULSEPOINT)
1 4 47.252.78.131 45102 (CNNIC-ALI...)
3 2600:1f18:612... 14618 (AMAZON-AES)
9 185.94.180.123 35220 (SPOTX-AMS)
15 15 52.59.160.25 16509 (AMAZON-02)
10 11 2a00:1288:110... 34010 (YAHOO-IRD)
10 10 52.28.254.214 16509 (AMAZON-02)
1 11 18.156.0.31 16509 (AMAZON-02)
9 162.55.3.20 24940 (HETZNER-AS)
3 54.236.141.192 14618 (AMAZON-AES)
3 35.186.236.204 15169 (GOOGLE)
6 2.18.233.180 16625 (AKAMAI-AS)
1 185.64.189.115 62713 (AS-PUBMATIC)
3 4 37.157.4.29 198622 (ADFORM)
2 2 213.155.156.166 1299 (TELIANET ...)
20 185.64.190.80 62713 (AS-PUBMATIC)
1 178.250.2.151 44788 (ASN-CRITE...)
1 185.86.137.131 201081 (SMARTADSE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 1 162.55.6.213 24940 (HETZNER-AS)
1 1 87.98.242.60 16276 (OVH)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 169.197.150.7 398989 (DEEPINTENT)
2 2 185.29.135.226 30419 (MEDIAMATH...)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 169.50.137.190 36351 (SOFTLAYER)
2 2 37.252.173.27 29990 (ASN-APPNEX)
2 2 18.159.17.140 16509 (AMAZON-02)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 37.252.172.249 29990 (ASN-APPNEX)
1 1 54.77.47.243 16509 (AMAZON-02)
1 185.64.190.75 62713 (AS-PUBMATIC)
5 3.123.55.203 16509 (AMAZON-02)
463 89
3    2a00:1450:4001:831::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.eotimedopovo.com.br
2    2a00:1450:4001:831::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:809::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.blogger.com
resources.blogblog.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googledrive.com
40    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
2    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh4.googleusercontent.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
3    2606:4700:10::6816:4a5 (United States)

ASN13335 (CLOUDFLARENET, US)
v3.denakop.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    5.9.10.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.10.9.5.clients.your-server.de
ad.a-ads.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
netdna.bootstrapcdn.com
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh6.googleusercontent.com
1    3.129.250.65 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-250-65.us-east-2.compute.amazonaws.com
ads.vidoomy.com
8    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
encrypted-tbn2.gstatic.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
cdn.simpleads.com.br
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
d.tailtarget.com
2    2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    143.204.202.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-85.fra53.r.cloudfront.net
sb.scorecardresearch.com
1    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com
d.t.tailtarget.com
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
15    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    104.18.131.145 (United States)

ASN13335 (CLOUDFLARENET, US)
config.seedtag.com
1    2606:4700:20::681a:b75 (United States)

ASN13335 (CLOUDFLARENET, US)
clevernt.com
12    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
ad.lkqd.net
7    184.30.21.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
7    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
7    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
6    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
2    54.93.84.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-84-136.eu-central-1.compute.amazonaws.com
a.vidoomy.com
11    52.58.102.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-102-227.eu-central-1.compute.amazonaws.com
x.bidswitch.net
10    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    50.112.11.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-11-19.us-west-2.compute.amazonaws.com
rtb.vidoomy.com
1    148.69.64.109 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: host-109.clevernetwork.pt
ui.clevernt.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
11    146.20.128.54 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
15    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com
sender.clevernt.com
14    2606:4700:20::681a:af8 (United States)

ASN13335 (CLOUDFLARENET, US)
lp.clevernetwork.pt
66    146.20.128.47 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
6    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
6    8.2.110.134 (United States)

ASN46636 (NATCOWEB, US)
cs.krushmedia.com
6    52.30.95.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
c.deployads.com
7    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
6    3.225.15.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
28    146.20.132.202 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
3    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
24    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
2    2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)
ajax.cloudflare.com
3    34.107.184.81 (Kansas City, United States)

ASN15169 (GOOGLE, US)
nxd.adhaven.com
5    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
8    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
6    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
1    81.94.208.229 (Stoke-on-Trent, United Kingdom)

ASN34587 (HLM2-AS, GB)
members.bet365.de
4    52.207.62.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rtb.adentifi.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
pool.admedo.com
5    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
27    2a05:d018:24:b002:ebbe:4057:3491:6f67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
4    51.178.20.139 (France)

ASN16276 (OVH, FR)
PTR: ns31193669.ip-51-178-20.eu
gu.dyntrk.com
2    3.233.119.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
media.sabio.us
4    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
4    18.203.106.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
4    23.45.99.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
tags.bluekai.com
5    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
event.clientgear.com
3    2600:1f18:612b:4216:6713:fa1a:2031:cf35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
4cywq-eqnre.ads.tremorhub.com
9    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
15    52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
11    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
10    52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
11    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
9    162.55.3.20 (Germany)

ASN24940 (HETZNER-AS, DE)
loopme.me
3    54.236.141.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
vast.emxdgt.com
3    35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
x.vindicosuite.com
6    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.166 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
20    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
1    87.98.242.60 (Saarbrücken, Germany)

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu
green.erne.co
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    185.29.135.226 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    18.159.17.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
5    3.123.55.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads-eu.v.ssp.yahoo.com
Apex Domain
Subdomains		 Transfer
117 lkqd.net
ad.lkqd.net
v.lkqd.net
cs.lkqd.net
t.lkqd.net Failed
381 KB
40 blogspot.com
1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
881 KB
34 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
386 KB
33 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
static.doubleclick.net
219 KB
30 pubmatic.com
vpaid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com
aktrack.pubmatic.com
84 KB
27 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
ads-eu.v.ssp.yahoo.com
24 KB
27 tidaltv.com
sync.tidaltv.com
9 KB
25 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
16 KB
18 youtube.com
www.youtube.com
1 MB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn2.gstatic.com
354 KB
17 google.com
apis.google.com
www.google.com
adservice.google.com
185 KB
14 clevernetwork.pt
lp.clevernetwork.pt
427 KB
11 turn.com
ad.turn.com
d.turn.com
5 KB
11 bidswitch.net
x.bidswitch.net
4 KB
11 scorecardresearch.com
sb.scorecardresearch.com
6 KB
10 loopme.me
loopme.me
csync.loopme.me
2 KB
10 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
126 KB
9 spotxchange.com
search.spotxchange.com
10 KB
8 bidr.io
match.prod.bidr.io
4 KB
7 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
4 KB
7 exelator.com
loadm.exelator.com
3 KB
7 sitescout.com
pixel-sync.sitescout.com
4 KB
7 stickyadstv.com
ads.stickyadstv.com
4 KB
6 quantserve.com
cms.quantserve.com
pixel.quantserve.com
2 KB
6 stackadapt.com
sync.srv.stackadapt.com
3 KB
6 deployads.com
c.deployads.com
2 KB
6 krushmedia.com
cs.krushmedia.com
3 KB
6 rlcdn.com
idsync.rlcdn.com
276 B
6 tapad.com
pixel.tapad.com
2 KB
6 google.de
www.google.de
adservice.google.de
1 KB
6 blogger.com
www.blogger.com
218 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 rfihub.com
p.rfihub.com
3 KB
4 adform.net
c1.adform.net
2 KB
4 clientgear.com
event.clientgear.com
260 B
4 bluekai.com
tags.bluekai.com
3 KB
4 demdex.net
dpm.demdex.net
2 KB
4 dyntrk.com
gu.dyntrk.com
2 KB
4 adentifi.com
rtb.adentifi.com
352 B
4 googletagservices.com
www.googletagservices.com
136 KB
4 vidoomy.com
ads.vidoomy.com
a.vidoomy.com
rtb.vidoomy.com
6 KB
4 google-analytics.com
www.google-analytics.com
19 KB
3 adnxs.com
ib.adnxs.com
secure.adnxs.com
3 KB
3 vindicosuite.com
x.vindicosuite.com
2 KB
3 emxdgt.com
vast.emxdgt.com
1017 B
3 tremorhub.com
4cywq-eqnre.ads.tremorhub.com
1 KB
3 contextweb.com
bh.contextweb.com
1 KB
3 1rx.io
sync.1rx.io
617 B
3 adhaven.com
nxd.adhaven.com
627 B
3 clevernt.com
clevernt.com
ui.clevernt.com
sender.clevernt.com
50 KB
3 facebook.net
connect.facebook.net
67 KB
3 denakop.com
v3.denakop.com
74 KB
3 taboola.com
cdn.taboola.com
141 KB
3 googleusercontent.com
lh4.googleusercontent.com
lh6.googleusercontent.com
3 eotimedopovo.com.br
www.eotimedopovo.com.br
71 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 sabio.us
media.sabio.us
468 B
2 admedo.com
pool.admedo.com
715 B
2 ytimg.com
i.ytimg.com
59 KB
2 ggpht.com
yt3.ggpht.com
8 KB
2 tailtarget.com
d.tailtarget.com
d.t.tailtarget.com
6 KB
2 a-ads.com
ad.a-ads.com
5 KB
2 googledrive.com
googledrive.com
2 bootstrapcdn.com
netdna.bootstrapcdn.com
69 KB
1 gumgum.com
rtb.gumgum.com
337 B
1 playground.xyz
ads.playground.xyz
485 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 simpli.fi
um.simpli.fi
609 B
1 deepintent.com
match.deepintent.com
44 B
1 ad4m.at
ad4m.at
992 B
1 erne.co
green.erne.co
326 B
1 adgrx.com
cm.adgrx.com
408 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 criteo.com
dis.criteo.com
325 B
1 bet365.de
members.bet365.de
715 B
1 cloudflare.com
ajax.cloudflare.com
4 KB
1 seedtag.com
config.seedtag.com
12 KB
1 googleadservices.com
partner.googleadservices.com
443 B
1 facebook.com
www.facebook.com
1 simpleads.com.br
cdn.simpleads.com.br
3 KB
1 blogblog.com
resources.blogblog.com
537 B
0 onaudience.com Failed
pixel.onaudience.com Failed
0 po.st Failed
s.po.st Failed
463 88
Domain Requested by
66 cs.lkqd.net 17 redirects ad.lkqd.net
38 1.bp.blogspot.com www.eotimedopovo.com.br
28 t.lkqd.net ad.lkqd.net
27 sync.tidaltv.com 27 redirects
24 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
18 www.youtube.com www.eotimedopovo.com.br
www.youtube.com
17 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
15 ads.adaptv.advertising.com 15 redirects
14 lp.clevernetwork.pt www.eotimedopovo.com.br
lp.clevernetwork.pt
ajax.cloudflare.com
13 simage2.pubmatic.com ads.pubmatic.com
12 ad.lkqd.net www.eotimedopovo.com.br
ad.lkqd.net
11 ups.analytics.yahoo.com 1 redirects
11 pr-bh.ybp.yahoo.com 10 redirects ads.pubmatic.com
11 v.lkqd.net ad.lkqd.net
11 x.bidswitch.net 11 redirects
11 sb.scorecardresearch.com 7 redirects cdn.taboola.com
www.eotimedopovo.com.br
10 pixel.advertising.com 10 redirects
10 cm.g.doubleclick.net 10 redirects
10 pagead2.googlesyndication.com www.eotimedopovo.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 loopme.me ad.lkqd.net
9 search.spotxchange.com ad.lkqd.net
8 match.prod.bidr.io 8 redirects
8 www.google.com 2 redirects www.eotimedopovo.com.br
googleads.g.doubleclick.net
www.youtube.com
tpc.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
7 image2.pubmatic.com ads.pubmatic.com
7 ad.turn.com 7 redirects
7 loadm.exelator.com 3 redirects ad.lkqd.net
7 pixel-sync.sitescout.com 7 redirects
7 ads.stickyadstv.com www.eotimedopovo.com.br
ad.lkqd.net
6 sync.srv.stackadapt.com 6 redirects
6 c.deployads.com ad.lkqd.net
6 cs.krushmedia.com 6 redirects
6 idsync.rlcdn.com ad.lkqd.net
6 pixel.tapad.com 6 redirects
6 www.blogger.com www.eotimedopovo.com.br
apis.google.com
5 ads-eu.v.ssp.yahoo.com
5 sync-tm.everesttech.net 5 redirects
5 match.adsrvr.org 5 redirects
5 cms.quantserve.com ad.lkqd.net
5 p.rfihub.com ad.lkqd.net
5 apis.google.com www.eotimedopovo.com.br
apis.google.com
www.blogger.com
5 ajax.googleapis.com www.eotimedopovo.com.br
5 fonts.googleapis.com www.eotimedopovo.com.br
ajax.googleapis.com
googleads.g.doubleclick.net
lp.clevernetwork.pt
tpc.googlesyndication.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 event.clientgear.com 1 redirects
4 tags.bluekai.com 4 redirects
4 dpm.demdex.net 4 redirects
4 d.turn.com 4 redirects
4 gu.dyntrk.com 4 redirects
4 rtb.adentifi.com ad.lkqd.net
4 a.tribalfusion.com 3 redirects ads.pubmatic.com
4 www.gstatic.com apis.google.com
googleads.g.doubleclick.net
www.youtube.com
4 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 adservice.google.com pagead2.googlesyndication.com
4 adservice.google.de pagead2.googlesyndication.com
4 www.google-analytics.com www.eotimedopovo.com.br
www.google-analytics.com
3 ads.pubmatic.com vpaid.pubmatic.com
ads.pubmatic.com
3 x.vindicosuite.com ad.lkqd.net
3 vast.emxdgt.com ad.lkqd.net
3 4cywq-eqnre.ads.tremorhub.com ad.lkqd.net
3 bh.contextweb.com 3 redirects
3 sync.1rx.io 3 redirects
3 s.tribalfusion.com 3 redirects
3 nxd.adhaven.com 3 redirects
3 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
3 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
3 connect.facebook.net www.eotimedopovo.com.br
connect.facebook.net
3 v3.denakop.com www.eotimedopovo.com.br
v3.denakop.com
3 cdn.taboola.com www.eotimedopovo.com.br
cdn.taboola.com
3 www.eotimedopovo.com.br www.eotimedopovo.com.br
2 a.sportradarserving.com 2 redirects
2 ib.adnxs.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 sync.mathtag.com 2 redirects
2 d5p.de17a.com 2 redirects
2 vpaid.pubmatic.com ad.lkqd.net
2 media.sabio.us 2 redirects
2 pool.admedo.com 2 redirects
2 i.ytimg.com www.youtube.com
2 yt3.ggpht.com www.youtube.com
2 static.doubleclick.net www.youtube.com
2 a.vidoomy.com www.eotimedopovo.com.br
2 www.google.de www.eotimedopovo.com.br
2 stats.g.doubleclick.net www.google-analytics.com
2 securepubads.g.doubleclick.net v3.denakop.com
securepubads.g.doubleclick.net
2 ad.a-ads.com www.eotimedopovo.com.br
2 lh4.googleusercontent.com www.eotimedopovo.com.br
2 googledrive.com www.eotimedopovo.com.br
2 netdna.bootstrapcdn.com www.eotimedopovo.com.br
netdna.bootstrapcdn.com
1 aktrack.pubmatic.com
1 vid.pubmatic.com vpaid.pubmatic.com
1 rtb.gumgum.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 ad4m.at ads.pubmatic.com
1 green.erne.co 1 redirects
1 csync.loopme.me 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 image6.pubmatic.com ads.pubmatic.com
1 members.bet365.de lp.clevernetwork.pt
1 ajax.cloudflare.com lp.clevernetwork.pt
1 sender.clevernt.com 1 redirects
1 ui.clevernt.com www.eotimedopovo.com.br
1 rtb.vidoomy.com 1 redirects
1 clevernt.com www.eotimedopovo.com.br
1 config.seedtag.com www.eotimedopovo.com.br
1 partner.googleadservices.com pagead2.googlesyndication.com
1 d.t.tailtarget.com d.tailtarget.com
1 www.facebook.com connect.facebook.net
1 d.tailtarget.com v3.denakop.com
1 cdn.simpleads.com.br www.eotimedopovo.com.br
1 4.bp.blogspot.com www.eotimedopovo.com.br
1 2.bp.blogspot.com www.eotimedopovo.com.br
1 ads.vidoomy.com www.eotimedopovo.com.br
1 lh6.googleusercontent.com www.eotimedopovo.com.br
1 resources.blogblog.com www.eotimedopovo.com.br
0 pixel.onaudience.com Failed ads.pubmatic.com
0 s.po.st Failed www.eotimedopovo.com.br
463 126
Subject Issuer Validity Valid
www.eotimedopovo.com.br
GTS CA 1D4		 2021-05-18 -
2021-08-16		 3 months crt.sh
*.blogger.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
misc-sni.blogspot.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
denakop.com
Cloudflare Inc ECC CA-3		 2021-01-14 -
2022-01-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.a-ads.com
Sectigo ECC Domain Validation Secure Server CA		 2020-12-02 -
2022-01-02		 a year crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-13 -
2021-08-13		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
cdn.simpleads.com.br
Sectigo RSA Domain Validation Secure Server CA		 2020-04-27 -
2022-07-26		 2 years crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2020-05-30 -
2021-05-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
ad.lkqd.net
R3		 2021-03-27 -
2021-06-25		 3 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.clevernt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-23 -
2022-02-23		 a year crt.sh
*.lkqd.net
Go Daddy Secure Certificate Authority - G2		 2019-05-13 -
2021-07-12		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.deployads.com
Sectigo RSA Domain Validation Secure Server CA		 2019-07-04 -
2021-07-03		 2 years crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA		 2020-08-11 -
2022-08-16		 2 years crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.bet365.de
Thawte RSA CA 2018		 2020-09-22 -
2021-09-27		 a year crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.clientgear.com
Go Daddy Secure Certificate Authority - G2		 2020-12-24 -
2022-01-25		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
loopme.me
R3		 2021-05-12 -
2021-08-10		 3 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
mpp.vindicosuite.com
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh

This page contains 58 frames:

Primary Page: https://www.eotimedopovo.com.br/
Frame ID: D2FA91817955C7E270B1BF025868DD57
Requests: 174 HTTP requests in this frame

Frame: https://ad.a-ads.com/1347217?size=728x90
Frame ID: D4F1BDBF2CFC9366441B5B1D7C2F6FDB
Requests: 2 HTTP requests in this frame

Frame: https://d.tailtarget.com/profiles.js
Frame ID: 949E9431EB787B75F14BCC13A244CB4B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Frame ID: 37C69F63993C196CEFFCC1B8677111FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=175&slotname=1352342218&adk=3182713956&adf=3320137906&pi=t.ma~as.1352342218&w=697&fwrn=4&lmt=1621511102&rafmt=11&psa=0&format=697x175&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235178&bpp=15&bdt=511&idt=72&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4651854520349&frm=20&pv=2&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=4720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FCtjL8JZ6a&p=https%3A//www.eotimedopovo.com.br&dtd=89
Frame ID: 6A690AD055E9B9004F1795F21227EF97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Frame ID: 459213A6FB2E9237813A8886E4C9E0C1
Requests: 19 HTTP requests in this frame

Frame: https://ad.a-ads.com/831975?size=300x250
Frame ID: 3C324DF77FB8BEFC76BA3E59255EEEA3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&adk=1812271804&adf=3025194257&lmt=1621511102&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235732&bpp=1&bdt=1064&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175%2C288x600&nras=1&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=12
Frame ID: 4BB397330AF0B2E23417E8A62E900799
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 4F19C7A4CDD2DF61BF9DC2457911BD1F
Requests: 5 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 83D1C7BE5100A4FFD3C358071E2C0527
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Frame ID: E317C2292FD010E0F2FFDE29A0042C05
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Frame ID: 3703F1577A6C8ED3CBE1D7C16B03C776
Requests: 17 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553
Frame ID: 8D321B2EFB10ABB31DC0D88FED0D2503
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=1596090506057536954&blogName=%C3%89+o+Time+do+Povo+-+Not%C3%ADcias+do+Corint...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.eotimedopovo.com.br/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.eotimedopovo.com.br/&vt=6403506931286267602&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Frame ID: D754C28F7067645A5FCE3CFA7684B654
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 50C0F7448A6958B9CAB23E1F0C60C1E2
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 26A482B079D465F56148D78CAF936847
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Frame ID: 2CB08F1EC2C58FC38AFAC17A66EDCF70
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Frame ID: EA151182979BCBDE92E38B7C333046E1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=90&adk=408567819&adf=1855375045&pi=t.aa~a.2506067586~rp.1&w=1100&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=1100x90&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=2&bdt=1396&idt=2&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600%2C288x240&nras=4&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=4740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8zBcPSMgcR&p=https%3A//www.eotimedopovo.com.br&dtd=54
Frame ID: D7435F820C660DD1C651E9EDFC1260C4
Requests: 1 HTTP requests in this frame

Frame: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Frame ID: 443E37FB3E1B16B77AFA73CF3BC92900
Requests: 18 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 95F4B2301540E7F304BB6D2FB11AB2FC
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 23C38AD40CDF8170A99611A4B7A37027
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: AFCC1D03CB082003398FDA6FF09B3AE3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Frame ID: 5B15FB7AE7CD03E95D4E34CE8D1922EF
Requests: 11 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: EB2A997B3BC466029598D6DEFAEDA9B5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=90&adk=147768277&adf=2663560246&pi=t.aa~a.1726328726~rp.1&w=1100&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=1100x90&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236068&bpp=1&bdt=1401&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600%2C288x240%2C1100x90&nras=5&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=4780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&psts=AGkb-H8BN-VBVjvWx8TrD5N5_LVn6-O_RsuC-rLHvNpW7Ys0ps5U5oHoze73ZBL5Kcqtn6Gzaz_gi_lfho2acA&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=vRoWyS0cZD&p=https%3A//www.eotimedopovo.com.br&dtd=805
Frame ID: DC7E0C0617C93636078A70364D2077D3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: E6EA3D60351107019605EC59C1A36E97
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Frame ID: 4DFB1211C019757246F7B6039F9ACC85
Requests: 1 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 07B7B3A6AC75C1D3D9BE269A0155AA4D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 34023D092F66F487467D61F75E1136AD
Requests: 2 HTTP requests in this frame

Frame: https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_00974178
Frame ID: 616CCC9D39776857AA7224C8E9FB768E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Frame ID: D34C83984F4845D0E5B230A4DBFE070A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 11395C32DBB73FEB633ABFA952FCA74A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B67B4275B671F38490799C100EB55E5E
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: F61D2521D611DD822D7644BF00A53985
Requests: 25 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C7FDA18498E19DEF313BBF803C7FDED9
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: A98BD979F3B3888BE6930D33E7B10BC1
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 6C3583320E0EF382519E6DAE3DADB6A1
Requests: 25 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 733847FF470390427AB3E841195D13DF
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 52C1687605E2ACB5A31C767D4149FD51
Requests: 4 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C
Frame ID: 726EE96D631DEF6490475C9CBDA7AEE9
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4FABA5CBBCC55AEAF283484D9E91B850
Requests: 23 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3
Frame ID: 5515A40AB990471A05915DF2FD28D4D1
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2973727836766397276
Frame ID: 5A964A336854F7123B22C0F785066899
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: DC7B8A3E3DA81B86AAF5211A4AF4CFB3
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB9CE7BTJkAAC2MHnvtLA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Frame ID: D05FEEB6B237A0A99D3816A4281F207E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6964337771673680022
Frame ID: 6C53A688C11AF55AA3AC9BC366529D3D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7635DDBB7C97B0A8AE92EAB07A260646
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: BB7F99475030982D57E2A3D66DBCB9B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: 3EDE8F9257112365544CDC80FC7109D7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rd42mVgVHdTx85jvHN8kW1nj
Frame ID: 5F235CD1816C6FD1DBDBA7E6B017D892
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: D0CDDA0160D6BF6B992FCEA9E88A291C
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0238ED22D5433DEB9BB8B80AC938EB27
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=swrnV0zZ635z&pid=557219
Frame ID: 5DB9773E1CAB4234A6A05A16F039C51B
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 1202E144FB87C1185C903B52C46BCCC3
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: A1660E9A1EA76A755C0C17F82D82560C
Requests: 8 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: FFE99277ED61ECE0E71301677D85D622
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 9A058BF33C031B2B21D09DB475653C9A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /GSE/i
Overall confidence: 100%
Detected patterns
  • headers server /GSE/i

Page Statistics

463
Requests

98 %
HTTPS

42 %
IPv6

88
Domains

126
Subdomains

89
IPs

11
Countries

5312 kB
Transfer

13330 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1621511235162&ns_c=UTF-8&cv=3.5&c8=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511235162&ns_c=UTF-8&cv=3.5&c8=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&c9=
Request Chain 116
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dc31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253Dc31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Dc31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3Dc31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553 HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553
Request Chain 117
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=383711447.884112361523462441.00203145 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=383711447.884112361523462441.00203145 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=f9dd432e-8774-4dc1-819e-1cd51365f18f&google_hm=ZjlkZDQzMmUtODc3NC00ZGMxLTgxOWUtMWNkNTEzNjVmMThm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=f9dd432e-8774-4dc1-819e-1cd51365f18f&google_hm=ZjlkZDQzMmUtODc3NC00ZGMxLTgxOWUtMWNkNTEzNjVmMThm&google_tc= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAkRHQFJ13uOS1P9R_uwcLo&google_cver=1&ssp=vidoomy&bsw_param=f9dd432e-8774-4dc1-819e-1cd51365f18f HTTP 302
  • https://rtb.vidoomy.com/cookie/?exchange_cookie=f9dd432e-8774-4dc1-819e-1cd51365f18f&exchange_name=BSW HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f9dd432e-8774-4dc1-819e-1cd51365f18f
Request Chain 147
  • https://sender.clevernt.com/transporter/42518.php?ppuc=1&ppu=0&id=443924&ref=aHR0cHM6Ly93d3cuZW90aW1lZG9wb3ZvLmNvbS5ici8%3D&ruri=&r=558937434&tok=85229512005211592258&iv=-1&ctr=DE&sz=1200&wn=&res=1600x1200&landing=1&hei=360&ts=0.438 HTTP 302
  • https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Request Chain 150
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
Request Chain 151
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=ZyFkoJI3-vI&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bd7e2e0c-72d5-413c-8d88-fa50f9116bf6
Request Chain 152
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
Request Chain 153
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
Request Chain 154
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mwFOrBmtRaV2MW3pWUrhDJ8wNwY
Request Chain 171
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E HTTP 301
  • https://tpc.googlesyndication.com/simgad/12292211746583241485
Request Chain 188
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
Request Chain 189
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=ZyFkoJI3-vI&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=fd429497-9ac1-4d6b-a251-2f627354c564
Request Chain 190
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
Request Chain 191
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
Request Chain 192
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VZjMczHaSBhsoFM90uHxq58wNwY
Request Chain 253
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20f5b36a-5fb8-45e4-aaaf-3f772a11b95e
Request Chain 255
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D85%2526partnerUserId%253D%2524TF_USER_ID_ENC%2524&r=if HTTP 302
  • https://a.tribalfusion.com/i.match?p=b30&u=ZyFkoJI3-vI&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=ZyFkoJI3-vI&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$ HTTP 302
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185290124034
Request Chain 256
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACBqE7BTJkAACzldKpdXw
Request Chain 261
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 262
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 275
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=510823&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1621511240 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=510823&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1621511240
Request Chain 283
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=2e0TeCbexw8&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
Request Chain 284
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=2e0TeCbexw8
Request Chain 285
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
Request Chain 286
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3PH7CN0BRstdilnK1j7LNZ8wNwY
Request Chain 287
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://idsync.rlcdn.com/464986.gif?partner_uid=2e0TeCbexw8
Request Chain 291
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACK1U7BTJkAAC0CUzkixw
Request Chain 293
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_abece38b-0648-4662-8747-b97df839f4f7
Request Chain 294
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=YwI4ITf3R31uYGxR9VDIXJ8wNwY
Request Chain 295
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
Request Chain 297
  • https://sync.1rx.io/usersync2/lkqd HTTP 302
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
Request Chain 298
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=lkqd HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=af876d83-d96d-4a64-97ba-39b233f31be3 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=af876d83-d96d-4a64-97ba-39b233f31be3 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8e334e04-404f-4cfa-914e-598717938ba8&user_group=1&ssp=lkqd&bsw_param=af876d83-d96d-4a64-97ba-39b233f31be3 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Daf876d83-d96d-4a64-97ba-39b233f31be3%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253Daf876d83-d96d-4a64-97ba-39b233f31be3 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Daf876d83-d96d-4a64-97ba-39b233f31be3 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3
Request Chain 299
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4b3077bb-e76c-4eab-a92c-ad7cd4cb34de
Request Chain 300
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=3aa2bcd3-d11a-4e6e-b941-75cb7e9561ef&gdpr=1&gdpr_consent=
Request Chain 301
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030003_60a64c4b55307&knw=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c4b55307
Request Chain 302
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5310115102122377342
Request Chain 303
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=87f4f7de-dfe1-4fd3-9608-42885adecb9a&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/87f4f7de-dfe1-4fd3-9608-42885adecb9a/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=87f4f7de-dfe1-4fd3-9608-42885adecb9a?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=87f4f7de-dfe1-4fd3-9608-42885adecb9a&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=87f4f7de-dfe1-4fd3-9608-42885adecb9a&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 304
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMSwABKf2HtQA4 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMSwABKf2HtQA4&_test=YKZMSwABKf2HtQA4
Request Chain 305
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=H8SMAv3KZ9NK&ev=1&pid=561322
Request Chain 307
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=MmUwVGVDYmV4dzg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=MmUwVGVDYmV4dzg&google_tc= HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAIj7NNJMC2NPRyhqslGDow&google_cver=1
Request Chain 308
  • https://a.tribalfusion.com/i.match?p=b30&u=2e0TeCbexw8&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=2e0TeCbexw8&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290101814
Request Chain 309
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553
Request Chain 311
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=2e0TeCbexw8&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
Request Chain 317
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=812037901&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA234bd9d6-b961-11eb-b62a-02474a157ceb?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-g_t4YbtE2p6hsUMG2cb9R_IsdHpXh1RgpDCh~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-g_t4YbtE2p6hsUMG2cb9R_IsdHpXh1RgpDCh~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Request Chain 319
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238354047&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA23ede28a-b961-11eb-a929-0289a724f814?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Request Chain 320
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=640814678&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA23f71e40-b961-11eb-9a99-02effca90522?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-lc7AufNE2p4bJETi.RiB2R4Az81RfjVHt5Ce~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lc7AufNE2p4bJETi.RiB2R4Az81RfjVHt5Ce~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Request Chain 322
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=514978811&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA23e5ce5d-b961-11eb-b440-02b90c27b1e5?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Request Chain 323
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=343681360&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA2352aa5e-b961-11eb-9277-06bffd7af2ce?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Request Chain 338
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP 302
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=dJI9MkIgkIM&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
Request Chain 339
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://c.deployads.com/cs/NXST?b=dJI9MkIgkIM
Request Chain 340
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
Request Chain 341
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
Request Chain 342
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if HTTP 302
  • https://idsync.rlcdn.com/464986.gif?partner_uid=dJI9MkIgkIM
Request Chain 345
  • https://sync.1rx.io/usersync2/lkqd HTTP 302
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
Request Chain 346
  • https://x.bidswitch.net/sync?ssp=lkqd HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=lkqd HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=88f8fd6b-4ad7-4991-92c2-4f60f86ff418 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk1ee16558-b17c-4ccb-864b-34d4c77d6875&expires=7&user_group=5&ssp=lkqd&bsw_param=88f8fd6b-4ad7-4991-92c2-4f60f86ff418 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D88f8fd6b-4ad7-4991-92c2-4f60f86ff418%26redirect%3D%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D46%2526partnerUserId%253D88f8fd6b-4ad7-4991-92c2-4f60f86ff418 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D88f8fd6b-4ad7-4991-92c2-4f60f86ff418 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418
Request Chain 347
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=c9ccb9af-a70f-45ff-be55-319f633672db
Request Chain 348
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
Request Chain 349
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030001_60a64c4d96097&knw=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c4d96097
Request Chain 350
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=6971069978502825217
Request Chain 351
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMTQABKhWn4wA4 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMTQABKhWn4wA4&_test=YKZMTQABKhWn4wA4
Request Chain 352
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=aelCeicc16KF&ev=1&pid=561322
Request Chain 354
  • https://match.prod.bidr.io/cookie-sync/lkq HTTP 303
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1 HTTP 303
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAB9CE7BTJkAAC2MHnvtLA
Request Chain 356
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID HTTP 302
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_07fe6ccc-b0ef-4c5a-a5ff-6bda062000fb
Request Chain 357
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
Request Chain 358
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
Request Chain 359
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553%26partner_url%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D97%2526partnerUserId%253D1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUserId%3D1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553
Request Chain 361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7535f873-a17b-451d-ac9b-1d46678ee5a2/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7535f873-a17b-451d-ac9b-1d46678ee5a2?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7535f873-a17b-451d-ac9b-1d46678ee5a2&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=ZEpJOU1rSWdrSU0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=ZEpJOU1rSWdrSU0&google_tc= HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFTSrzWLGW-fk3KTD3wPKtw&google_cver=1
Request Chain 364
  • https://a.tribalfusion.com/i.match?p=b30&u=dJI9MkIgkIM&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b30&u=dJI9MkIgkIM&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290008119
Request Chain 366
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=dJI9MkIgkIM&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D HTTP 302
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
Request Chain 372
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2046402306&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA25189834-b961-11eb-9d64-02b2dcd60a54?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-xTdBAt9E2p7XS4CccYmizLBhNVb5vz6_JX8O~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-xTdBAt9E2p7XS4CccYmizLBhNVb5vz6_JX8O~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
Request Chain 374
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=557797387&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA247d3231-b961-11eb-bd3e-06b7ef6fbdac?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
Request Chain 375
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=265401901&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA247e65fe-b961-11eb-8805-025d80eddc4f?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-efjj8fdE2p6fqXomf_amCbaY4v0GfW2fXr4p~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-efjj8fdE2p6fqXomf_amCbaY4v0GfW2fXr4p~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
Request Chain 377
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2057969521&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA251b466c-b961-11eb-ae91-06fca2a61b2f?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
Request Chain 378
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=2034075904&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=56560&hp=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA247d87c6-b961-11eb-ac12-024edf18e430?gdpr=1&gdpr_consent=&nsync=1 HTTP 302
  • https://pixel.advertising.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
Request Chain 394
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3
Request Chain 395
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2973727836766397276
Request Chain 397
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCOUNFN0JUSmtBQUMyTUhudnRMQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB9CE7BTJkAAC2MHnvtLA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Request Chain 398
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6964337771673680022
Request Chain 400
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 401
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 402
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rd42mVgVHdTx85jvHN8kW1nj
Request Chain 405
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=swrnV0zZ635z&pid=557219
Request Chain 407
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gwkDfZIJQMu-yj2Md1yn0w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 408
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fb460a6-4c4e-4900-96a0-cd4859d85419
Request Chain 410
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODMwOTAzN0QtOTIwOS00MENCLUJFQ0EtM0Q4Qzc3NUNBN0Qz&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 411
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqQJTNK_ruxC-omp1MCGqw&google_cver=1
Request Chain 413
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&gdpr=0&gdpr_consent=
Request Chain 414
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2628600493596977084
Request Chain 415
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ccb9af-a70f-45ff-be55-319f633672db
Request Chain 416
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5428298658445004436&gdpr=0&gdpr_consent=
Request Chain 418
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8309037D-9209-40CB-BECA-3D8C775CA7D3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8sWJ9IZE2uXZ4YcygUdfvin2nJjPUlg-~A&gdpr=0&gdpr_consent=
Request Chain 419
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG
Request Chain 420
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f334734d-b862-4a79-affe-6e0cfa72720d&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 421
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9170013061290539966&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 422
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YKZMTQABKhWn4wA4&gdpr=0&gdpr_consent=
Request Chain 423
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1f54240d-16a8-4c25-9d0a-400704047e7f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 425
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&gdpr=0&gdpr_consent=
Request Chain 426
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5428298658445004436
Request Chain 427
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ba0267a-c1f7-4844-87fb-c989e5727dbf
Request Chain 439
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
Request Chain 441
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7535f873-a17b-451d-ac9b-1d46678ee5a2/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7535f873-a17b-451d-ac9b-1d46678ee5a2?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7535f873-a17b-451d-ac9b-1d46678ee5a2&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 444
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
Request Chain 445
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7535f873-a17b-451d-ac9b-1d46678ee5a2/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7535f873-a17b-451d-ac9b-1d46678ee5a2?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262 HTTP 302
  • https://tags.bluekai.com/site/5379?id=7535f873-a17b-451d-ac9b-1d46678ee5a2&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Request Chain 454
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1487255231&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1487255231&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=91a2bcd4-c326-44e8-9825-78fc4b5ee87a&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwMy43Mzc3OTM6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTkxYTJiY2Q0LWMzMjYtNDRlOC05ODI1LTc4ZmM0YjVlZTg3YQ==
Request Chain 456
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=564862145&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=564862145&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=76147bde-439f-40c3-812a-d1b77898bcd2&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC4zNzkxNTA6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTc2MTQ3YmRlLTQzOWYtNDBjMy04MTJhLWQxYjc3ODk4YmNkMg==
Request Chain 457
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=57170301&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=57170301&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=e06e820c-6893-4e36-88bc-d7bc0e7cc113&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOS42ODMxMDU6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPWUwNmU4MjBjLTY4OTMtNGUzNi04OGJjLWQ3YmMwZTdjYzExMw==
Request Chain 459
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=476694999&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=476694999&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=dab35156-9044-4cd0-8fec-27299c9f3b6b&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC45MTY1MDQ6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPWRhYjM1MTU2LTkwNDQtNGNkMC04ZmVjLTI3Mjk5YzlmM2I2Yg==
Request Chain 460
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1440394888&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=56560&hp=1 HTTP 302
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1440394888&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=56560&hp=1&a.y_rid=662441dc-d2c6-4a6a-84e5-f08b8576e492&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC45NjE2NzA6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTY2MjQ0MWRjLWQyYzYtNGE2YS04NGU1LWYwOGI4NTc2ZTQ5Mg==

463 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.eotimedopovo.com.br/ 		179 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
38451901f3954dcc957d3b6d5fa519b9aec2c489b24b62006257dbecf18308c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.eotimedopovo.com.br
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
expires
Thu, 20 May 2021 11:47:14 GMT
date
Thu, 20 May 2021 11:47:14 GMT
cache-control
private, max-age=0
last-modified
Thu, 20 May 2021 11:45:02 GMT
etag
W/"d94d4762b064111e77bebba526f6afc943449526c20616275752f85b2bc2d86c"
x-robots-tag
all
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
39734
server
GSE
115981500-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 		36 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/115981500-css_bundle_v2.css
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 23:27:25 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 18:28:49 GMT
server
sffe
age
476389
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36990
x-xss-protection
0
expires
Sat, 14 May 2022 23:27:25 GMT
css
fonts.googleapis.com/ 		2 KB
658 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:15:28 GMT
server
ESF
date
Thu, 20 May 2021 11:47:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 11:47:14 GMT
1535467126-widget_css_2_bundle.css
www.blogger.com/static/v1/widgets/ 		34 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/1535467126-widget_css_2_bundle.css
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d903176d4df72e36c554fe65598e07df6e8b0b920cd9e37ee91d96389a44791
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 16:53:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 25 Nov 2014 14:03:24 GMT
server
sffe
age
500023
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35063
x-xss-protection
0
expires
Sat, 14 May 2022 16:53:31 GMT
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.2.0/css/ 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718
age
5050319
cdn-cachedat
2021-03-11 11:57:57
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b32fcf0000006251d13f000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3b35cfc40f6e2fec33602eb5ba4a8889
cf-ray
652554418f4c0625-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.3.2/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 07:20:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
275186
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19926
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 May 2022 07:20:48 GMT
0ByoCwyjwB1aDTXhnVVlxcTBadVk
googledrive.com/host/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://googledrive.com/host/0ByoCwyjwB1aDTXhnVVlxcTBadVk
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 19:17:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59382
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 19:17:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.1/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 07:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100540
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33396
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 07:51:34 GMT
Street_sport_970x90%2B%25282%2529.gif
1.bp.blogspot.com/-Zi1v9rluYSY/YImET4g51bI/AAAAAAAB9nM/iCqSIHjYXLUpHOf1z0_qgO3cgRMYo21AwCLcBGAsYHQ/s16000/ 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Zi1v9rluYSY/YImET4g51bI/AAAAAAAB9nM/iCqSIHjYXLUpHOf1z0_qgO3cgRMYo21AwCLcBGAsYHQ/s16000/Street_sport_970x90%2B%25282%2529.gif
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ab227ebdf30bbd3a5675a22cd849325c19c009cb3d5c821495440126697530bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="Street_sport_970x90 (2).gif"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160199
x-xss-protection
0
server
fife
etag
"v1f676"
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 14 May 2021 21:04:11 GMT
icon18_wrench_allbkg.png
resources.blogblog.com/img/ 		475 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resources.blogblog.com/img/icon18_wrench_allbkg.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 05:47:31 GMT
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 12:12:59 GMT
server
sffe
age
453583
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
475
x-xss-protection
0
expires
Sat, 22 May 2021 05:47:31 GMT
%25C3%2589%2BO%2BTIME%2BDO%2BPOVO.png
1.bp.blogspot.com/-ONKkXrrD2Kg/XuzKz9QDBEI/AAAAAAAB3R8/I858HcYJkK0mhBzZnFiBuV5bT6LuErIjACK4BGAsYHg/s1600/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ONKkXrrD2Kg/XuzKz9QDBEI/AAAAAAAB3R8/I858HcYJkK0mhBzZnFiBuV5bT6LuErIjACK4BGAsYHg/s1600/%25C3%2589%2BO%2BTIME%2BDO%2BPOVO.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0c09a6e064d23cf9cf4a9cbbb412fdaa78af9ff0d454ece8d90edb5b6b50e889
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="_ O TIME DO POVO.png";filename*=UTF-8''%C3%89%20O%20TIME%20DO%20POVO.png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54986
x-xss-protection
0
server
fife
etag
"v1dd21"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 08 May 2021 07:11:04 GMT
cats.png
1.bp.blogspot.com/-edc_MOizaMQ/YJRZN7onriI/AAAAAAAB92A/TJCmqjZvpDQLwwhGPs3sPCJ2NyYNuPmgQCLcBGAsYHQ/s16000/ 		271 KB
271 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-edc_MOizaMQ/YJRZN7onriI/AAAAAAAB92A/TJCmqjZvpDQLwwhGPs3sPCJ2NyYNuPmgQCLcBGAsYHQ/s16000/cats.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7119729c08a3599e1a213fdbd7ca42c51fcb6ee585794c934913037aabced2ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
277522
x-xss-protection
0
server
fife
etag
"v1f761"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 07 May 2021 21:20:04 GMT
EGzdj_SIyVVQzdHc_RDUIHuOdwGTnT-XQmetoABhO8l6-8M_fWs5JW2y7AesNRkWio2y2XffIpihgc8e4E-h4wqtnuLwgBzjV290U_FpZt4P7SAeJx3UQfAG6KS0EsQj6_rkTy3HQZLZIpcfOQ=s0-d
lh4.googleusercontent.com/proxy/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://lh4.googleusercontent.com/proxy/EGzdj_SIyVVQzdHc_RDUIHuOdwGTnT-XQmetoABhO8l6-8M_fWs5JW2y7AesNRkWio2y2XffIpihgc8e4E-h4wqtnuLwgBzjV290U_FpZt4P7SAeJx3UQfAG6KS0EsQj6_rkTy3HQZLZIpcfOQ=s0-d
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.eotimedopovo.com.br
Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1718
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		132 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47950
x-xss-protection
0
server
cafe
etag
4501822382306722350
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 11:47:14 GMT
loader.js
cdn.taboola.com/libtrc/timaodopovo/ 		256 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.49.3 /
Resource Hash
67b918f6a6f9afac9d50a4d5b5cac435f0ea4dffc2ed56c25555f198b60eefa8

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DRkjvbgqHSqPFfrCjmu7PifTkpl7Yik_
content-encoding
gzip
etag
"274804efac4d31de1a9826432e5438d433dedebc"
age
0
via
1.1 varnish
x-cache
MISS
content-length
27855
x-amz-id-2
RbA9lz4YIluLQ4e7oRekEyslzyNJ4tE8M/85lqTUNow+NfRmYZVC58UASRXG2+u+QI65vxOYw4M=
x-served-by
cache-hhn11555-HHN
last-modified
Thu, 20 May 2021 11:47:14 UTC
server
obaker.93.1.2-11.49.3
x-timer
S1621511235.882306,VS0,VE120
date
Thu, 20 May 2021 11:47:15 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
BA1BA48YNX2SR1M6
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
18
x-cache-hits
0
post-widget.js
s.po.st/static/v4/ 		0
0
0ByoCwyjwB1aDTXhnVVlxcTBadVk
googledrive.com/host/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://googledrive.com/host/0ByoCwyjwB1aDTXhnVVlxcTBadVk
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
denakop.js
v3.denakop.com/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/denakop.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a05de7c3de0c9029a963830574fff9cc4a44e93f985d2f1aa2e680f211220af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1510
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b32fd3b00004d84b5313000000001
last-modified
Wed, 28 Apr 2021 18:55:39 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6089afab-cdf3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
65255441fc124d84-FRA
cf-bgj
minify
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1596090506057536954&zx=26c89e52-bd65-402f-9c1c-913328e71acd
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 11:47:14 GMT
server
GSE
date
Thu, 20 May 2021 11:47:14 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1038
date
Thu, 20 May 2021 11:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Thu, 20 May 2021 13:29:56 GMT
all.js
connect.facebook.net/pt_BR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/all.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
af50123da38c80e4e0737f8316c4bcd4d68e0cbd2530f1e6fbbce7d4f78c32ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VHrxxrpWKRKOIdD9AD+IOQ==
cross-origin-resource-policy
cross-origin
expires
Thu, 20 May 2021 12:01:03 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1777
x-fb-rlafr
0
x-fb-debug
j5YB5NRckd+uFkpc0+59NCWAbHJJmcsWRJycAZ7Kpi9od7rdMQohaOWqIJQMjRbWSNX6X6+YzUwx2+Sso3BkSg==
x-fb-trip-id
917726464
x-fb-content-md5
cb85bfd57f14ab3da06d18ef90abc4ba
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 20 May 2021 11:47:14 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d0742cefd70a11be2df92b4d9a9c2e5b"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.eotimedopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 22:46:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:08:56 GMT
server
sffe
age
565234
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15720
x-xss-protection
0
expires
Fri, 13 May 2022 22:46:40 GMT
1347217
ad.a-ads.com/ Frame D4F1 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/1347217?size=728x90
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
fa45f092c064a83a00c0f0de65558123699296d8e7c051968357a8a16fa9fb53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.eotimedopovo.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 20 May 2021 11:47:14 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.eotimedopovo.com.br/
Content-Encoding
gzip
close_2.png
1.bp.blogspot.com/-Aldk_qrAHzA/YF4Tp9MHPKI/AAAAAAAB8_U/FWp5ECXBtM0_pL-bMxrzZ4kPifgC_NXJwCLcBGAsYHQ/s20/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Aldk_qrAHzA/YF4Tp9MHPKI/AAAAAAAB8_U/FWp5ECXBtM0_pL-bMxrzZ4kPifgC_NXJwCLcBGAsYHQ/s20/close_2.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
22f0916640cd89ec85a9bf93dd593810eef00c292b6ce823d2d0f21c329a68e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="close_2.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1183
x-xss-protection
0
server
fife
etag
"v1f3f6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 11 May 2021 20:29:36 GMT
mEiwJX6h4c_4eBPotzVikXuDE37scqOwsfbrG2f-RTTCbYBUMh1xQO-XR92RPpABLze8Gt7QfbG2OKcbWEs3=s0-d
lh4.googleusercontent.com/proxy/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh4.googleusercontent.com/proxy/mEiwJX6h4c_4eBPotzVikXuDE37scqOwsfbrG2f-RTTCbYBUMh1xQO-XR92RPpABLze8Gt7QfbG2OKcbWEs3=s0-d
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
fontawesome-webfont.woff
netdna.bootstrapcdn.com/font-awesome/4.2.0/fonts/ 		64 KB
65 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.2.0/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://www.eotimedopovo.com.br
Referer
https://netdna.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
722, 617, 617
age
2355512
cdn-cachedat
2021-04-23 06:43:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65452
cf-request-id
0a2b32fd4d00004e315109a000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:53 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
423226d6dc8b545f631275cf206278bf
accept-ranges
bytes
cf-ray
652554421b934e31-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
Renato.jpg
1.bp.blogspot.com/-vR1WktU-Z3o/YKZKdRYycAI/AAAAAAAB-TU/FfcYrK8rFoIkwHv9BhNjAjxeo-d8YaFCACLcBGAsYHQ/w220-h170-c/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-vR1WktU-Z3o/YKZKdRYycAI/AAAAAAAB-TU/FfcYrK8rFoIkwHv9BhNjAjxeo-d8YaFCACLcBGAsYHQ/w220-h170-c/Renato.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ca65061d816e09a31321514c704eed960f991ea794dad1ab01b51238aa8bb84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v1f936"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Renato.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12590
x-xss-protection
0
expires
Fri, 21 May 2021 11:47:15 GMT
Le13gAGfiQE0ftav-9XhhYC9mRo9TUKEWfFl8W7o3xu501j9CVWsBKD7bNvVSJ3ViptKO6i2SHNbCRFAJDXuBU-pqKsQ4Xd9dzbMKm-ZjKktR3Hy6dKwDqAtNOOpHscLja_IZDd9ctM=s0-d
lh6.googleusercontent.com/proxy/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://lh6.googleusercontent.com/proxy/Le13gAGfiQE0ftav-9XhhYC9mRo9TUKEWfFl8W7o3xu501j9CVWsBKD7bNvVSJ3ViptKO6i2SHNbCRFAJDXuBU-pqKsQ4Xd9dzbMKm-ZjKktR3Hy6dKwDqAtNOOpHscLja_IZDd9ctM=s0-d
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.eotimedopovo.com.br
Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1711
x-xss-protection
0
/
www.eotimedopovo.com.br//feeds/posts/default/ 		239 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.eotimedopovo.com.br//feeds/posts/default/?orderby=published&alt=json-in-script&callback=showrecentpostswiththumbs
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
blogger-renderd /
Resource Hash
dc22f6861c419b751b500e95107c786cbf5cb2bfffd160707cb269fe4c22521d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:path
//feeds/posts/default/?orderby=published&alt=json-in-script&callback=showrecentpostswiththumbs
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.eotimedopovo.com.br
referer
https://www.eotimedopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 11:45:02 GMT
server
blogger-renderd
etag
W/"ffd8d4da9fbb9a887a2157b829ac0479f4cfc719eb3577195e57cb8cd3cb78c1"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy
cross-origin
content-length
30268
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:16 GMT
cats.jpg
1.bp.blogspot.com/-Ss6LDMQGD_I/YKKC2pWUcKI/AAAAAAAB-Nw/P0xkvVLQfGYBX5e1qCVlAItCTZ1zKH0-QCLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Ss6LDMQGD_I/YKKC2pWUcKI/AAAAAAAB-Nw/P0xkvVLQfGYBX5e1qCVlAItCTZ1zKH0-QCLcBGAsYHQ/s72-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
09b0a6bbfe4ca9d3cbb83b7c9131eac0e206a1ccf5677a2a2b60cb40552dd0b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3156
x-xss-protection
0
server
fife
etag
"v1f8dd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 18 May 2021 15:25:39 GMT
cats.jpg
1.bp.blogspot.com/-xL12UjMyWqs/YKAxgqgWVuI/AAAAAAAB9_0/PWx34vsuT-UbXKyNDJCcCE9h21-E0k1fgCLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-xL12UjMyWqs/YKAxgqgWVuI/AAAAAAAB9_0/PWx34vsuT-UbXKyNDJCcCE9h21-E0k1fgCLcBGAsYHQ/s72-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
43d8848280c9ee08ea34ab6cfde5f048815bcfa9249b2eb7f1f2cf3f9effb930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3294
x-xss-protection
0
server
fife
etag
"v1f7fe"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 16 May 2021 21:08:32 GMT
Renato%2BGa%25C3%25BAcho%2BCorinthians.jpg
1.bp.blogspot.com/-YQ-VeSjV23g/YKRGRyUBayI/AAAAAAAB-QY/aBghA8ZRJl43hFF99_Y9DfOY2x3RxHDtACLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-YQ-VeSjV23g/YKRGRyUBayI/AAAAAAAB-QY/aBghA8ZRJl43hFF99_Y9DfOY2x3RxHDtACLcBGAsYHQ/s72-c/Renato%2BGa%25C3%25BAcho%2BCorinthians.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
580a1f41879a53e50cce789d9d9a00d031e95092e309fa6fd515bac787ac3dc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="Renato Ga_cho Corinthians.jpg";filename*=UTF-8''Renato%20Ga%C3%BAcho%20Corinthians.jpg
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3362
x-xss-protection
0
server
fife
etag
"v1f907"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 19 May 2021 23:20:06 GMT
cats.jpg
1.bp.blogspot.com/-nspbew62EWc/YKUYP7RKgtI/AAAAAAAB-Rs/oGTX4ZZNlAgNXRJ0acJpLUwJR6zA6kOJQCLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-nspbew62EWc/YKUYP7RKgtI/AAAAAAAB-Rs/oGTX4ZZNlAgNXRJ0acJpLUwJR6zA6kOJQCLcBGAsYHQ/s72-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
5f814e8fa453efc6c00d80a117bc0a62e9d59e1f4672931ffcd93662a5aae9be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3096
x-xss-protection
0
server
fife
etag
"v1f91d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 14:16:25 GMT
cats.jpg
1.bp.blogspot.com/-9XDUudB7Occ/YKKd9B5m5AI/AAAAAAAB-OA/l93snO6cJC8y8ld9T2GFYN_aqQgUDWtuwCLcBGAsYHQ/s72-c/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-9XDUudB7Occ/YKKd9B5m5AI/AAAAAAAB-OA/l93snO6cJC8y8ld9T2GFYN_aqQgUDWtuwCLcBGAsYHQ/s72-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
769f2d03ab40735029ce1999b9e4cecd25c7b761e720abebd1e9eebe67e933fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3563
x-xss-protection
0
server
fife
etag
"v1f8e1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 18 May 2021 17:31:24 GMT
cats.jpg
1.bp.blogspot.com/-ANa0QH9TgSM/YKT7lPHSfQI/AAAAAAAB-RY/jRuwpqzFilQsHA9MdUGAt6dmIR3EQXtfgCLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ANa0QH9TgSM/YKT7lPHSfQI/AAAAAAAB-RY/jRuwpqzFilQsHA9MdUGAt6dmIR3EQXtfgCLcBGAsYHQ/s72-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
51ec8a9af07a659ee548048f63d5a8124be94c229f42c9c689c625229b52da06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3496
x-xss-protection
0
server
fife
etag
"v1f917"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 12:09:02 GMT
cats.jpg
1.bp.blogspot.com/-WAQNf158jdo/YKWkZYiazwI/AAAAAAAB-S0/ObHOlhci61oBKf1htnjx0-9-Twvkfiv9ACLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-WAQNf158jdo/YKWkZYiazwI/AAAAAAAB-S0/ObHOlhci61oBKf1htnjx0-9-Twvkfiv9ACLcBGAsYHQ/s72-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4a8ae4813a8c879c93419b0c36e3c48a12df46b3a90e4f1dfa438d6058b4919f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3050
x-xss-protection
0
server
fife
etag
"v1f92e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 21 May 2021 00:02:05 GMT
cats.jpg
1.bp.blogspot.com/-Y_M2vCLkGP0/YKRcUbi3orI/AAAAAAAB-Qw/pKzszjX3Vn4_ZKPI-VxET5SP_6nmbWxxgCLcBGAsYHQ/s72-c/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Y_M2vCLkGP0/YKRcUbi3orI/AAAAAAAB-Qw/pKzszjX3Vn4_ZKPI-VxET5SP_6nmbWxxgCLcBGAsYHQ/s72-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
def6ab8798ab5146c8aa3a2329aa19a8b1246f1248173c11a58538ce0054c5fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2491
x-xss-protection
0
server
fife
etag
"v1f90d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 01:23:27 GMT
Ez5vd5CXEAQ9OjE.jpg
1.bp.blogspot.com/-kIImIaXJ2WE/YKQLWdrm8NI/AAAAAAAB-Pw/k5lhuwZlGQgkcccKe84t9TfAMPOHdDMsACLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-kIImIaXJ2WE/YKQLWdrm8NI/AAAAAAAB-Pw/k5lhuwZlGQgkcccKe84t9TfAMPOHdDMsACLcBGAsYHQ/s72-c/Ez5vd5CXEAQ9OjE.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0d62cdd589152a75cfb03d4a25e56f01f6567c4191b05841f4e8a3119cb51d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="Ez5vd5CXEAQ9OjE.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2914
x-xss-protection
0
server
fife
etag
"v1f8fd"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 19 May 2021 18:57:24 GMT
WhatsApp-Image-2021-05-17-at-7.44.01-PM.jpeg
1.bp.blogspot.com/-a_dR5tUz9Bo/YKPUGdpqg7I/AAAAAAAB-PY/qnrQgBtmpHoXpAQ3OQDgagy8YUgBiwvzgCLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-a_dR5tUz9Bo/YKPUGdpqg7I/AAAAAAAB-PY/qnrQgBtmpHoXpAQ3OQDgagy8YUgBiwvzgCLcBGAsYHQ/s72-c/WhatsApp-Image-2021-05-17-at-7.44.01-PM.jpeg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
fb150bc6490c6ce800e6320e8ca958dd709e038a66aee125f2a768cca1d24436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="WhatsApp-Image-2021-05-17-at-7.44.01-PM.jpeg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3138
x-xss-protection
0
server
fife
etag
"v1f8f7"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 19 May 2021 17:04:26 GMT
eotimedopovo_7488.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/eotimedopovo_7488.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.129.250.65 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-250-65.us-east-2.compute.amazonaws.com
Software
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
8875aeef737c004d6176c0c8f4ac2e11a5bead37ff39e52dc6c4c7c848f41439

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:15 GMT
Server
Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
5137
418251-0-instagram.pngg
1.bp.blogspot.com/-zpvGYH5ubhg/WRlhZI0NhnI/AAAAAAABKNU/1LnuD3090yAyVrOaK5TcMc3pyJZeMke1ACLcB/s1600/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-zpvGYH5ubhg/WRlhZI0NhnI/AAAAAAABKNU/1LnuD3090yAyVrOaK5TcMc3pyJZeMke1ACLcB/s1600/418251-0-instagram.pngg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ddb17b35aa0a1e43ca7fe01c87acdeba4a316699d65d87e5f9a08fe0bae69fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="418251-0-instagram.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4801
x-xss-protection
0
server
fife
etag
"v128d6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 22:29:20 GMT
facebook-preto-e-branco.png
2.bp.blogspot.com/-CSSkcgBasVM/WRlhYDL5fTI/AAAAAAABKNQ/_BqnirEvXxQz_hLJzMPYEr9DsMQP9RghwCLcB/s1600/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2.bp.blogspot.com/-CSSkcgBasVM/WRlhYDL5fTI/AAAAAAABKNQ/_BqnirEvXxQz_hLJzMPYEr9DsMQP9RghwCLcB/s1600/facebook-preto-e-branco.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d02db114f4715fed03653bb222f980b53b4ac200bc8586973fa80c465a4f812f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="facebook-preto-e-branco.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4277
x-xss-protection
0
server
fife
etag
"v128d6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 11 May 2021 20:29:37 GMT
twitter-logo-round.png
1.bp.blogspot.com/-dtqcKDTMetk/WRlhYFCJCHI/AAAAAAABKNM/eMfUPO98NOwrqPg6oli4gH3PRVDE17ifwCLcB/s1600/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-dtqcKDTMetk/WRlhYFCJCHI/AAAAAAABKNM/eMfUPO98NOwrqPg6oli4gH3PRVDE17ifwCLcB/s1600/twitter-logo-round.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
63f01adeb450e4b95d0cf41a7bbbffe8f2d89e74b96d3cd962e1a73faa4c0cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:13 GMT
x-content-type-options
nosniff
age
1
content-disposition
inline;filename="twitter-logo-round.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4186
x-xss-protection
0
server
fife
etag
"v128d6"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 11 May 2021 20:29:36 GMT
youtube.png
4.bp.blogspot.com/-nqV3Lss3r9Y/WRvrswVSuUI/AAAAAAABKSw/fVkMhcawai4KkEMTdecExsnsd7Pth_kRQCLcB/s1600/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4.bp.blogspot.com/-nqV3Lss3r9Y/WRvrswVSuUI/AAAAAAABKSw/fVkMhcawai4KkEMTdecExsnsd7Pth_kRQCLcB/s1600/youtube.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e563dbcbc7c21b60675a5e8c70be5f359867cbc648b39ab952740244b23dae1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:13 GMT
x-content-type-options
nosniff
age
1
content-disposition
inline;filename="youtube.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4783
x-xss-protection
0
server
fife
etag
"v1292d"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 13 May 2021 22:29:20 GMT
1.png
1.bp.blogspot.com/-DocStZuzRQo/XuzEAO8e_VI/AAAAAAAB3Q0/VB4ol4f9lrkrbgequSNUaOtNzhh8d9CfACK4BGAsYHg/s300/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-DocStZuzRQo/XuzEAO8e_VI/AAAAAAAB3Q0/VB4ol4f9lrkrbgequSNUaOtNzhh8d9CfACK4BGAsYHg/s300/1.png
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3450c74da5ae4511f7ad644c413d288a58004e65feec48af3f557c5529697069
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="1.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102777
x-xss-protection
0
server
fife
etag
"v1dd0f"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 08 May 2021 07:11:05 GMT
plusone.js
apis.google.com/js/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bci53/iyRAVGi2EWlvReoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"920a6e51949cf2eec053a3396b28fac1"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-bci53/iyRAVGi2EWlvReoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 20 May 2021 11:47:14 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 09:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
94604
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 09:30:30 GMT
show.js
cdn.simpleads.com.br/v2/s372751/p1310549/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.simpleads.com.br/v2/s372751/p1310549/show.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine / Express
Resource Hash
0938d24970f9a46f8846edf91d9a35b993b52c2c818bf075dab439563fc0f0f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-edge-location
defr
x-powered-by
Express
x-cache
HIT
x-shield
active
server
keycdn-engine
x-frame-options
DENY
etag
W/"25f4-bDJRdSCLury/BCh+iztIyP0AFds"
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
link
<https://tagservice.simpleads.com.br/v2/s372751/p1310549/show.js>; rel="canonical"
expires
Thu, 20 May 2021 12:47:14 GMT
cookienotice.js
www.eotimedopovo.com.br/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.eotimedopovo.com.br/js/cookienotice.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/js/cookienotice.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.eotimedopovo.com.br
referer
https://www.eotimedopovo.com.br/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 11:09:43 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2026
x-xss-protection
0
expires
Thu, 27 May 2021 11:47:14 GMT
3464975383-widgets.js
www.blogger.com/static/v1/widgets/ 		145 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3464975383-widgets.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69d5bc71bfcac17012ba397dfded0ecfdc21ceeb32d4186291e4cb43b8e4351b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:10:13 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 18:58:04 GMT
server
sffe
age
121021
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148163
x-xss-protection
0
expires
Thu, 19 May 2022 02:10:13 GMT
page.jpg
1.bp.blogspot.com/-7cLz4gKaKbA/YKXJg3q20aI/AAAAAAAB-TE/GJ8SbjGbJ10EUsFG02T9oBXXTxDwxA0lQCLcBGAsYHQ/w220-h170-c/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-7cLz4gKaKbA/YKXJg3q20aI/AAAAAAAB-TE/GJ8SbjGbJ10EUsFG02T9oBXXTxDwxA0lQCLcBGAsYHQ/w220-h170-c/page.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
15921a11047f47138620aeac57d69cc2ce4e71c805fd54511f841e82ae2983ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="page.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17150
x-xss-protection
0
server
fife
etag
"v1f932"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 21 May 2021 02:48:59 GMT
all.js
connect.facebook.net/pt_BR/ 		215 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/pt_BR/all.js?hash=4a0d95594f6bee9cdee2ea3c6cbf7059&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df7364a2023a3a39a1a85b0d626a358be73a6b0d4fe3267df12d560ada39d12d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.eotimedopovo.com.br
Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ktXgJ41gz/veK9afs83GLQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65061
x-fb-rlafr
0
x-fb-debug
AQk23Q++hzJIrdcV4qYRw0GXdSRRRhulm/LXXSjyOLPST5wwAZsyZ5k+5ckwHDKb+CPvaDuW6yymEOlFBRjILg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d79bb826b13bec2816cc758c97adf594
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 20 May 2021 11:47:14 GMT
vary
Accept-Encoding
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"97b0ac8b0d032ec443d723bde5fa8f05"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 20 May 2022 10:29:54 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1232767995&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ul=en-us&de=UTF-8&dt=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=950800688&gjid=1067688604&cid=1391234738.1621511235&tid=UA-37184521-1&_gid=1704321300.1621511235&_r=1&_slc=1&z=985335305
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
Gil.jpg
1.bp.blogspot.com/-St4hv0Q_K-Y/YKWnCxeBmTI/AAAAAAAB-S8/cj1KtBDctCg39leqQLw7iVytStOtZf8mwCLcBGAsYHQ/w220-h170-c/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-St4hv0Q_K-Y/YKWnCxeBmTI/AAAAAAAB-S8/cj1KtBDctCg39leqQLw7iVytStOtZf8mwCLcBGAsYHQ/w220-h170-c/Gil.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7ff87a9640536c9a8e2264a26090b2822f84c20808c0d974680928484d406ea1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="Gil.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14860
x-xss-protection
0
server
fife
etag
"v1f930"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 21 May 2021 01:18:03 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
988a093acd61c060745afd46252dbf4dbced9adffeda3f27a0eaaeb397a163dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"877 / 503 of 1000 / last-modified: 1621509323"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21341
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:15 GMT
prebid.js
v3.denakop.com/ 		193 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/prebid.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1639
cf-polished
origSize=197617
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b32fdc80000175267196000000001
last-modified
Wed, 12 May 2021 13:06:05 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"609bd2bd-303f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
65255442dc9c1752-FRA
cf-bgj
minify
eotimedopovo.com.br
v3.denakop.com/ad-request/10491/desktop/ 		227 B
600 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.denakop.com/ad-request/10491/desktop/eotimedopovo.com.br
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:4a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
285bb5af7280c83d84d442b444aa0c09b059e8ed2da1471112e1daf7753aeee4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.eotimedopovo.com.br
Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
private, max-age=1800
access-control-allow-credentials
true
cf-ray
65255442dca01752-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b32fdc8000017527e287000000001
profiles.js
d.tailtarget.com/ Frame 949E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/profiles.js
Requested by
Host: v3.denakop.com
URL: https://v3.denakop.com/denakop.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 14:57:45 GMT
content-encoding
gzip
age
74970
x-guploader-uploadid
ABg5-Uw15OZSG2VJhwAThSDOUHBAqYzv5kGRTqqdKeeZAIhqkGlfHowFaML5XgH9HwlpnA96DYHB6oLOSUptHx_yLoM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
5285
last-modified
Mon, 19 Apr 2021 15:43:34 GMT
server
UploadServer
etag
"603f25fd36318626ab410174bd3e1cd3"
x-goog-hash
crc32c=QOm0Sg==, md5=YD8l/TYxhiarQQF0vT4c0w==
content-language
en
x-goog-generation
1618847014064238
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
5285
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 20 May 2021 14:57:45 GMT
cats.jpg
1.bp.blogspot.com/-WAQNf158jdo/YKWkZYiazwI/AAAAAAAB-S0/ObHOlhci61oBKf1htnjx0-9-Twvkfiv9ACLcBGAsYHQ/w220-h170-c/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-WAQNf158jdo/YKWkZYiazwI/AAAAAAAB-S0/ObHOlhci61oBKf1htnjx0-9-Twvkfiv9ACLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9a32f0ac0146b1df81326bb8d809d7a9c54656df71a950cec47d85aea6b61981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
269
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14239
x-xss-protection
0
server
fife
etag
"v1f92e"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 21 May 2021 01:18:03 GMT
authorization.css
www.blogger.com/dyn-css/ 		1 B
43 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/dyn-css/authorization.css?targetBlogID=1596090506057536954&zx=26c89e52-bd65-402f-9c1c-913328e71acd
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 May 2021 11:47:15 GMT
server
GSE
date
Thu, 20 May 2021 11:47:15 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
text/css; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
35064a68d36ed2e2227fda24486e246f.jpg
1.bp.blogspot.com/-UnJa3OfvBLI/YKVa0K88xeI/AAAAAAAB-Ss/jnQerW7LKQg2Vbn9j-Qx8EXUchlID4KhgCLcBGAsYHQ/w220-h170-c/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-UnJa3OfvBLI/YKVa0K88xeI/AAAAAAAB-Ss/jnQerW7LKQg2Vbn9j-Qx8EXUchlID4KhgCLcBGAsYHQ/w220-h170-c/35064a68d36ed2e2227fda24486e246f.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
c11b8dcfa4c928d4389ea15e6aaee31f46fa6c23745f66f0afdd7213b2f59eea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
269
content-disposition
inline;filename="35064a68d36ed2e2227fda24486e246f.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14511
x-xss-protection
0
server
fife
etag
"v1f92c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 19:26:49 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-37184521-1&cid=1391234738.1621511235&jid=950800688&gjid=1067688604&_gid=1704321300.1621511235&_u=IEBAAEAAAAAAAC~&z=1698732740
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 20 May 2021 11:47:15 GMT
content-type
text/plain
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cats.jpg
1.bp.blogspot.com/-azpAVO61Bfc/YKVK_mruM9I/AAAAAAAB-Sc/81TQyfqTiD4_Zgq4-9G3pojw82i4IOiGgCLcBGAsYHQ/w220-h170-c/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-azpAVO61Bfc/YKVK_mruM9I/AAAAAAAB-Sc/81TQyfqTiD4_Zgq4-9G3pojw82i4IOiGgCLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
3d21821594dc52942caea119495b6b5a4ee09cb61f9a71b439132059a07e31f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
269
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14847
x-xss-protection
0
server
fife
etag
"v1f928"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 19:26:49 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=183907278420228&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/all.js?hash=4a0d95594f6bee9cdee2ea3c6cbf7059&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Xe6sH8Cts9c0iFyFbxLZpjeIc2aNRA4WtgbCXb/LpmJ8aqEG9qdTiRlQEwtuZrWaS+HoLkMbZiPySO+tFIbk7A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 May 2021 11:47:15 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
1621441632436db71e03605b5aea1e08078f29f7f2.jpg
1.bp.blogspot.com/-55CNTn1XHhk/YKVIdBqVnDI/AAAAAAAB-SU/E_muB5dNNjEZFkZKRg3pDLpFUti2KRbdACLcBGAsYHQ/w220-h170-c/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-55CNTn1XHhk/YKVIdBqVnDI/AAAAAAAB-SU/E_muB5dNNjEZFkZKRg3pDLpFUti2KRbdACLcBGAsYHQ/w220-h170-c/1621441632436db71e03605b5aea1e08078f29f7f2.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
946b2d12e21fc05feee3677deb90a314dfea1899c8a9faa5fe60859e1807c777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="1621441632436db71e03605b5aea1e08078f29f7f2.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16087
x-xss-protection
0
server
fife
etag
"v1f926"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 19:26:49 GMT
ga-audiences
www.google.com/ads/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1391234738.1621511235&jid=950800688&_u=IEBAAEAAAAAAAC~&z=1372151830
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1391234738.1621511235&jid=950800688&_u=IEBAAEAAAAAAAC~&z=1372151830
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
whatsapp-image-2021-05-19-at-11.56.41.jpeg
1.bp.blogspot.com/-yuG4meQSo0c/YKVGM4kxPmI/AAAAAAAB-SM/k4qhb137cdcHAKulFWNjL_08oiHhcDaAACLcBGAsYHQ/w220-h170-c/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-yuG4meQSo0c/YKVGM4kxPmI/AAAAAAAB-SM/k4qhb137cdcHAKulFWNjL_08oiHhcDaAACLcBGAsYHQ/w220-h170-c/whatsapp-image-2021-05-19-at-11.56.41.jpeg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
736b0ba18837307ec23656f5bf10b797ed1adb034d6c28edc3e6183aeaf3727a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="whatsapp-image-2021-05-19-at-11.56.41.jpeg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12619
x-xss-protection
0
server
fife
etag
"v1f924"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 19:26:48 GMT
impl.20210520-3-RELEASE.js
cdn.taboola.com/libtrc/ 		491 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210520-3-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
986007c6e5ee35ac075b04c5eb0a766f9d5d744acb8f9e55122fd5aec690d94c

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
nRv7kaSu.jFsYmfRc9Y0WguRov_K62vI
content-encoding
br
etag
"199965e0ca4e9a0d105c520257461a50"
age
11867
x-cache
HIT
content-length
114965
x-amz-id-2
MzJ9428KZkTpy7UFMhB5JoClgd6BrFLswE5uYMc523y7N39tEvgqYbL8CvuuPYWgsiIvbrURLKo=
x-served-by
cache-hhn11555-HHN
last-modified
Thu, 20 May 2021 08:28:07 GMT
server
AmazonS3-br
x-timer
S1621511235.069023,VS0,VE0
date
Thu, 20 May 2021 11:47:15 GMT
vary
Accept-Encoding
x-amz-request-id
Q4CTJ2XMJAB60X2D
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
36
x-cache-hits
36681
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-85.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:36:47 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
628
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
n3uRlcatx5qNNkfKbBP03nc7sLhyRqWurur5U_SqcAPmtCV3inoxMQ==
E1sclmkXEAAdROo.jpg
1.bp.blogspot.com/-Th1zKIiFrtE/YKUuKJtSgvI/AAAAAAAB-SE/gVACPSQcr98Mc3R8-oGtl8ZnjZWCj-uBQCLcBGAsYHQ/w220-h170-c/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Th1zKIiFrtE/YKUuKJtSgvI/AAAAAAAB-SE/gVACPSQcr98Mc3R8-oGtl8ZnjZWCj-uBQCLcBGAsYHQ/w220-h170-c/E1sclmkXEAAdROo.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a8000d9e41e0673d3faa1c4a06d107ab3ca75557a15e55ef70eee79edfa5b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="E1sclmkXEAAdROo.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13412
x-xss-protection
0
server
fife
etag
"v1f922"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 19:26:48 GMT
truncated
/ Frame D4F1 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
622_8a9fdc69-f788-36b2-b009-428e273eae29.jpg
1.bp.blogspot.com/-Hk_KYE5rsvQ/YKUcg7vi0rI/AAAAAAAB-R8/ZCBS8C7eXmoYqxzw-rN9EEq8XIttJoxrwCLcBGAsYHQ/w220-h170-c/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Hk_KYE5rsvQ/YKUcg7vi0rI/AAAAAAAB-R8/ZCBS8C7eXmoYqxzw-rN9EEq8XIttJoxrwCLcBGAsYHQ/w220-h170-c/622_8a9fdc69-f788-36b2-b009-428e273eae29.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
134d0bccea21ff37dbabedb5ed1a167485df6a61326e818fdbf591812459b796
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
269
content-disposition
inline;filename="622_8a9fdc69-f788-36b2-b009-428e273eae29.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14203
x-xss-protection
0
server
fife
etag
"v1f920"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 14:35:23 GMT
cats.jpg
1.bp.blogspot.com/-nspbew62EWc/YKUYP7RKgtI/AAAAAAAB-Rs/oGTX4ZZNlAgNXRJ0acJpLUwJR6zA6kOJQCLcBGAsYHQ/w220-h170-c/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-nspbew62EWc/YKUYP7RKgtI/AAAAAAAB-Rs/oGTX4ZZNlAgNXRJ0acJpLUwJR6zA6kOJQCLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cdd4eeeca2a2640b2fa20c90046b01f0ba18a28ccfece7037085297ff2e08daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:46 GMT
x-content-type-options
nosniff
age
269
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13667
x-xss-protection
0
server
fife
etag
"v1f91d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 14:35:23 GMT
cats.jpg
1.bp.blogspot.com/-Jear5UwwiT4/YKT82yHzO6I/AAAAAAAB-Rg/61zv-sEEu_AsAk0owhPAnuO3ANR_OKlFACLcBGAsYHQ/w220-h170-c/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Jear5UwwiT4/YKT82yHzO6I/AAAAAAAB-Rg/61zv-sEEu_AsAk0owhPAnuO3ANR_OKlFACLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
54665451fd7f53c941c588a0f92dc24d2aa8642afe8cf0ead5bdae54f6cfb95e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14929
x-xss-protection
0
server
fife
etag
"v1f919"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 13:26:43 GMT
profile
d.t.tailtarget.com/ Frame 949E 		92 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.t.tailtarget.com/profile
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
via
1.1 google
cache-control
max-age=3600
alt-svc
clear
expires
Thu, 20 May 2021 12:47:15 GMT
pubads_impl_2021051901.js
securepubads.g.doubleclick.net/gpt/ 		310 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021051901.js?31061260
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
sffe /
Resource Hash
6ac5dc61ad3c547afd1e7eb3594daecd75ab2eda5e53a15c5fb52bb2c60ddd13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 08:40:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111403
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:15 GMT
stories-vertical-ui.20210520-3-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		585 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/stories-vertical-ui.20210520-3-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/timaodopovo/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9eb8abd21cd55dccbf594f924fc021a47ad55572e0f621d5cb3fd587e9f668f8

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
h2LnXsN1MEUIgc.BGm.TF4zswzpOi_My
content-encoding
gzip
etag
"938a8cab946323c5b078805ed527becd"
age
2721
x-cache
HIT
x-amz-replication-status
PENDING
content-length
316
x-amz-id-2
SXoyK40cUUafPFOOId27Gc8qOCLBOKTMV+vTHIty5JZgbZvUV2qmKRjwMc6OgXhWyp7UZRUEoM4=
x-served-by
cache-hhn11555-HHN
last-modified
Thu, 20 May 2021 11:01:52 GMT
server
AmazonS3
x-timer
S1621511235.142713,VS0,VE0
date
Thu, 20 May 2021 11:47:15 GMT
vary
Accept-Encoding
x-amz-request-id
2DDXQ92MDFRK4PB5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
36
x-cache-hits
39133
cats.jpg
1.bp.blogspot.com/-ANa0QH9TgSM/YKT7lPHSfQI/AAAAAAAB-RY/jRuwpqzFilQsHA9MdUGAt6dmIR3EQXtfgCLcBGAsYHQ/w220-h170-c/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-ANa0QH9TgSM/YKT7lPHSfQI/AAAAAAAB-RY/jRuwpqzFilQsHA9MdUGAt6dmIR3EQXtfgCLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b501f167531ccff291237798a31b3d54862273b5d153affa5b80fdf9e8f83211
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12835
x-xss-protection
0
server
fife
etag
"v1f917"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 13:26:43 GMT
cats.jpg
1.bp.blogspot.com/-GsoB0f7vOkY/YKSClPEeFKI/AAAAAAAB-RQ/hLPvymHhajIluh7--cFSWQD1G0-e2GieQCLcBGAsYHQ/w220-h170-c/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-GsoB0f7vOkY/YKSClPEeFKI/AAAAAAAB-RQ/hLPvymHhajIluh7--cFSWQD1G0-e2GieQCLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d2d95cc0fd079280d10acc99338c3373ba61ccade60d59cd7a1b6ac7bc25a76e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16672
x-xss-protection
0
server
fife
etag
"v1f915"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 10:41:21 GMT
Carol.jpg
1.bp.blogspot.com/-TobxqGk8pCM/YKRqYb9rv8I/AAAAAAAB-RA/v9gKgvio5ik6juyf-VjSYA_AiwEATKNvQCLcBGAsYHQ/w220-h170-c/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-TobxqGk8pCM/YKRqYb9rv8I/AAAAAAAB-RA/v9gKgvio5ik6juyf-VjSYA_AiwEATKNvQCLcBGAsYHQ/w220-h170-c/Carol.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a1d3d178d986f78b59afeb8852053739a3aeb2da593ee37958949b071196be77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="Carol.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14677
x-xss-protection
0
server
fife
etag
"v1f911"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 10:41:21 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1621511235162&ns_c=UTF-8&cv=3.5&c8=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedop...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511235162&ns_c=UTF-8&cv=3.5&c8=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedo...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511235162&ns_c=UTF-8&cv=3.5&c8=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&c9=
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-85.fra53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
4UPHU_tp_qeplrnN26z30-NvoFgCawPvQvnNS5PdyC-H5Tv3Hru73Q==

Redirect headers

date
Thu, 20 May 2021 11:47:15 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1621511235162&ns_c=UTF-8&cv=3.5&c8=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&c7=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&c9=
content-length
237
x-amz-cf-id
CwDuVZBTZSrgIkVv-Vg1AjNVneXQavXsmK74RqUHXkIH6BtSRYKFLw==
cats.jpg
1.bp.blogspot.com/-7YbwoQBvyyw/YKRmOUQsPlI/AAAAAAAB-Q4/2nkED_bZwp4wzR5zzvTg6tDm8g1pw7SrwCLcBGAsYHQ/w220-h170-c/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-7YbwoQBvyyw/YKRmOUQsPlI/AAAAAAAB-Q4/2nkED_bZwp4wzR5zzvTg6tDm8g1pw7SrwCLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
41b81c70a8db61d17efde93327e8ff002420b764b7e15322073e258cb499bc81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12680
x-xss-protection
0
server
fife
etag
"v1f90f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 10:41:21 GMT
cats.jpg
1.bp.blogspot.com/-Y_M2vCLkGP0/YKRcUbi3orI/AAAAAAAB-Qw/pKzszjX3Vn4_ZKPI-VxET5SP_6nmbWxxgCLcBGAsYHQ/w220-h170-c/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-Y_M2vCLkGP0/YKRcUbi3orI/AAAAAAAB-Qw/pKzszjX3Vn4_ZKPI-VxET5SP_6nmbWxxgCLcBGAsYHQ/w220-h170-c/cats.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1e07ab27ebfeb07e7c503be5cd4efb35c821662bf6c1b566ed97baa2a765189c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:47 GMT
x-content-type-options
nosniff
age
268
content-disposition
inline;filename="cats.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9516
x-xss-protection
0
server
fife
etag
"v1f90d"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 10:41:21 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/ 		231 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87252
x-xss-protection
0
server
cafe
etag
5322897297824761394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 20 May 2021 11:47:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/ Frame 37C6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210517/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210517/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 19 May 2021 22:33:52 GMT
expires
Wed, 02 Jun 2021 22:33:52 GMT
content-type
text/html; charset=UTF-8
etag
15349191498103243965
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4506
x-xss-protection
0
age
47603
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		209 B
443 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.eotimedopovo.com.br&callback=_gfp_s_&client=ca-pub-6682610916885114
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
63e0d92c004d0b69862e33a9be0e74836872de8844f372fd1c401b80527045fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6A69 		405 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=175&slotname=1352342218&adk=3182713956&adf=3320137906&pi=t.ma~as.1352342218&w=697&fwrn=4&lmt=1621511102&rafmt=11&psa=0&format=697x175&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235178&bpp=15&bdt=511&idt=72&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4651854520349&frm=20&pv=2&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=4720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FCtjL8JZ6a&p=https%3A//www.eotimedopovo.com.br&dtd=89
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c05737d1cc4b6e27ededf08c7f05146e3d93f92284dab7d962d2d9c03500061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=175&slotname=1352342218&adk=3182713956&adf=3320137906&pi=t.ma~as.1352342218&w=697&fwrn=4&lmt=1621511102&rafmt=11&psa=0&format=697x175&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235178&bpp=15&bdt=511&idt=72&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&correlator=4651854520349&frm=20&pv=2&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&rplot=4&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=285&ady=4720&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FCtjL8JZ6a&p=https%3A//www.eotimedopovo.com.br&dtd=89
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 11:47:15 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 20-May-2021 12:02:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:15 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424113157718"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27995
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:15 GMT
Renato.jpg
1.bp.blogspot.com/-vR1WktU-Z3o/YKZKdRYycAI/AAAAAAAB-TU/FfcYrK8rFoIkwHv9BhNjAjxeo-d8YaFCACLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-vR1WktU-Z3o/YKZKdRYycAI/AAAAAAAB-TU/FfcYrK8rFoIkwHv9BhNjAjxeo-d8YaFCACLcBGAsYHQ/s72-c/Renato.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f7d30cf07998d5d7873869f69199d740f49e01fb0e1a1cf1976c7809913b3a1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
x-content-type-options
nosniff
server
fife
etag
"v1f936"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Renato.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3383
x-xss-protection
0
expires
Fri, 21 May 2021 11:47:15 GMT
page.jpg
1.bp.blogspot.com/-7cLz4gKaKbA/YKXJg3q20aI/AAAAAAAB-TE/GJ8SbjGbJ10EUsFG02T9oBXXTxDwxA0lQCLcBGAsYHQ/s72-c/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-7cLz4gKaKbA/YKXJg3q20aI/AAAAAAAB-TE/GJ8SbjGbJ10EUsFG02T9oBXXTxDwxA0lQCLcBGAsYHQ/s72-c/page.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
51b3c9d9127d7428daf3ca21e9144df48a301a63b5f71c64814bb2a1889926ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:48 GMT
x-content-type-options
nosniff
age
267
content-disposition
inline;filename="page.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3813
x-xss-protection
0
server
fife
etag
"v1f932"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 21 May 2021 02:48:59 GMT
Gil.jpg
1.bp.blogspot.com/-St4hv0Q_K-Y/YKWnCxeBmTI/AAAAAAAB-S8/cj1KtBDctCg39leqQLw7iVytStOtZf8mwCLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-St4hv0Q_K-Y/YKWnCxeBmTI/AAAAAAAB-S8/cj1KtBDctCg39leqQLw7iVytStOtZf8mwCLcBGAsYHQ/s72-c/Gil.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
424bb50312a7bda2ea46dae4fdfa96d7da5aaf8ed4ff67f6f9dad505adafcf41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:48 GMT
x-content-type-options
nosniff
age
267
content-disposition
inline;filename="Gil.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3235
x-xss-protection
0
server
fife
etag
"v1f930"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 21 May 2021 00:15:00 GMT
35064a68d36ed2e2227fda24486e246f.jpg
1.bp.blogspot.com/-UnJa3OfvBLI/YKVa0K88xeI/AAAAAAAB-Ss/jnQerW7LKQg2Vbn9j-Qx8EXUchlID4KhgCLcBGAsYHQ/s72-c/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1.bp.blogspot.com/-UnJa3OfvBLI/YKVa0K88xeI/AAAAAAAB-Ss/jnQerW7LKQg2Vbn9j-Qx8EXUchlID4KhgCLcBGAsYHQ/s72-c/35064a68d36ed2e2227fda24486e246f.jpg
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9b740fc33c320c32f37ac69c8a49e3c8822ce660678814520069a3e7923c00e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:42:48 GMT
x-content-type-options
nosniff
age
267
content-disposition
inline;filename="35064a68d36ed2e2227fda24486e246f.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3464
x-xss-protection
0
server
fife
etag
"v1f92c"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 20 May 2021 19:26:49 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4592 		107 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fab2c293e616fa6ec3df8155b42eaaafdc4d9027fdfa5d9acebb0df8d1ba068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 11:47:16 GMT
server
cafe
content-length
27223
x-xss-protection
0
set-cookie
IDE=AHWqTUkWb3txhZzdq-fhjhZtYC6QMaqoAUTnV3mBvaGNcos5ey7oH9XvgC2qyDu9Bqk; expires=Tue, 14-Jun-2022 11:47:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:16 GMT
cache-control
private
831975
ad.a-ads.com/ Frame 3C32 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.a-ads.com/831975?size=300x250
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.9.10.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.10.9.5.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)
Resource Hash
84dc67a69f8be0b3c0613864e267001711f3de5d47e3fad8d24411d51025ed0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
ad.a-ads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.eotimedopovo.com.br/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 20 May 2021 11:47:15 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Status
200 OK
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Powered-By
Phusion Passenger(R)
X-Original-Referer
https://www.eotimedopovo.com.br/
Content-Encoding
gzip
loader.js
config.seedtag.com/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://config.seedtag.com/loader.js?v=0.33929784528751483
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.131.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28e7c5883213aac2724862e788fa2c79bcebc5708d2bbccc44ee0206bd54d484

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
br
cf-cache-status
HIT
age
16306
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b3300c50000c85323b71000000001
last-modified
Wed, 19 May 2021 07:14:51 GMT
server
cloudflare
etag
W/"5aa24f8cf305e38e0d340b3cf5ba438f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=1200
access-control-allow-credentials
true
cf-ray
65255447afbdc853-AMS
expires
Thu, 20 May 2021 12:07:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&tn=DIV&id=ads-foda-fx&ign=false
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4BB3 		25 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&adk=1812271804&adf=3025194257&lmt=1621511102&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235732&bpp=1&bdt=1064&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175%2C288x600&nras=1&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30eca74cde3c0649a09fdb26376f9f41ff690ee916fd1221b5a29df7b7bdf86a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&adk=1812271804&adf=3025194257&lmt=1621511102&plat=1%3A16809992%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235732&bpp=1&bdt=1064&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175%2C288x600&nras=1&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 11:47:15 GMT
server
cafe
content-length
1436
x-xss-protection
0
set-cookie
IDE=AHWqTUmEYNKkf6NNR94h-VLj38wu00wEYHNE5UGg4m_tezyNRezez4CFQgxykcmbB2c; expires=Tue, 14-Jun-2022 11:47:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:15 GMT
cache-control
private
66a78650063d5b194b4c717f4f0d420b.min.js
clevernt.com/scripts/ 		120 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clevernt.com/scripts/66a78650063d5b194b4c717f4f0d420b.min.js?20200512=1621511235747
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b75 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbe61ec8a3efdcd039ec02f99bf9a0a66e1c2ef4831a8e45d12cb4c736709a8d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
43
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
YPJTW8JD0KSNRWQ3
x-amz-id-2
cLjH+hZdvqfnHeImPsEFvSsrMK0EdNCexAO6hvPZSXCw5ybcrk+HeMAw2NAaO72ybFHT9+VxujE=
last-modified
Thu, 20 May 2021 06:50:25 GMT
server
cloudflare
etag
W/"bba73e1d78477e2727d4be3d24a882dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SOsgBtWL0Uqe0Gjhj4lSDAPZkBtSGimkUSooh4RXq0zQoacTGIIeG6kb7azE165CSMwvdgL%2FtUGbeAg0fA2rtx%2F8Z2JrMf05OGvU6igFKIx5Vwk4FzyDiMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-request-id
0a2b3300b800004dbe678d6000000001
cf-ray
6525544789b24dbe-FRA
formats.js
ad.lkqd.net/vpaid/ Frame 4F19 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1621511235.cds143.am5.hn,1621511235.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 83D1 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1621511235.cds143.am5.hn,1621511235.cds264.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
p
sb.scorecardresearch.com/ 		64 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=727128&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1621511235
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-85.fra53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
gJQOyR6UATUCfpwaw5vNJ1WC76M3xSTFBfUR8osxVJ6BItc4kkg1UQ==
auto-user-sync
ads.stickyadstv.com/ 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:15 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1621511235792055-366
Expires
Thu, 20 May 2021 11:47:15 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1232767995&t=pageview&_s=2&dl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ul=en-us&de=UTF-8&dt=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1391234738.1621511235&tid=UA-37184521-1&_gid=1704321300.1621511235&z=1110297775
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 10:14:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
5592
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
HiZ8OQj6u20
www.youtube.com/embed/ Frame E317 		52 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d596666f7b9a5d90f9cb1e19cf50b7609e82e5e7aa24e662a835cb6f5b160f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 11:47:15 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=Cxvkun0KlJ8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=kEjwokSTp2A; Domain=.youtube.com; Expires=Tue, 16-Nov-2021 11:47:15 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+803; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PqJe0OuJSMI
www.youtube.com/embed/ Frame 3703 		51 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
374d8eef5fd489b376733ac0a35577a11e27e3b98b411232f5fe225efc17ef6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 11:47:15 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=vM5exza6sz4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=_f3JNPu8lVY; Domain=.youtube.com; Expires=Tue, 16-Nov-2021 11:47:15 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+623; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		200 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86da39d609467204bb0df4a7a85394cf09c82d9443cdfbf91b88932a8e1cbbf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:28:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
580705
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70259
x-xss-protection
0
expires
Fri, 13 May 2022 18:28:50 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d87022effcf025352d5bd7c7de2d267422ccd35e6a83276dcb0d0f31e610f514
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
580614
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6009
x-xss-protection
0
expires
Fri, 13 May 2022 18:30:21 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
93 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 10:03:38 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1232767995&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ul=en-us&de=UTF-8&dt=%C3%89%20o%20Time%20do%20Povo%20-%20Not%C3%ADcias%20do%20Corinthians&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEDAAEABAAAAAC~&jid=974299060&gjid=350002664&cid=1391234738.1621511235&tid=UA-37184521-1&_gid=1704321300.1621511235&_r=1&z=2080708741
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 08:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13251
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 May 2022 08:06:24 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
656178f80f84a0d02f39eb8389c3a4fed4368b97f4fce6e99d05d856c9e89ff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
99R/7vMikKrgDnak8wfqDQ==
cross-origin-resource-policy
cross-origin
expires
Thu, 20 May 2021 11:50:21 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
L3jIPqhkOLXv5+u4HdvB5KIy56ZQtZbdfHwHsx/2Na860P4pXrYPwQHXpp/A3/1NDH1fgW2xVcSFsJlaipU6sA==
x-fb-content-md5
933f1b75809e84424c018f68a9cc965c
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 20 May 2021 11:47:15 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6eacecd8f67c45dd1f1e44785f3e76d2"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
cookie
a.vidoomy.com/api/rtbserver/ Frame 8D32
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
  • https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553
43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.84.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-84-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

:method
GET
:authority
a.vidoomy.com
:scheme
https
:path
/api/rtbserver/cookie?i=CEN&uid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-type
image/gif
content-length
43
content-encoding
none
set-cookie
vidoomy-uids=eyJ1aWRzIjp7IkNFTiI6eyJ1aWQiOiJjMzFkNzM5ZC02YzcwLTQzMTctYjY2ZS0xN2U5YmNmNmFlOWEtNjBhNjRjNDMtNTU1MyIsImV4cGlyZXMiOjE2MjQxMDMyMzZ9fX0=; Path=/; Domain=vidoomy.com; Expires=Fri, 20 May 2022 11:47:16 GMT; Secure; SameSite=None
vary
Origin

Redirect headers

date
Thu, 20 May 2021 11:47:16 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1621511236156;Expires=Mon, 19 Jul 2021 11:47:16 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=908b6e88-4b7c-400f-a3ea-2eeeccb48bee;Expires=Mon, 19 Jul 2021 11:47:16 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_3WAY_SYNCS=;Expires=Mon, 19 Jul 2021 11:47:16 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=c31d739d-6c70-4317-b66e-17e9bcf6ae9a-60a64c43-5553
content-length
0
server
Jetty(9.4.36.v20210114)
via
1.1 google
alt-svc
clear
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=383711447.884112361523462441.00203145
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=383711447.884112361523462441.00203145
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=vidoomy&bsw_param=f9dd432e-8774-4dc1-819e-1cd51365f18f&google_hm=ZjlkZDQzMmUtODc3NC00ZGMxLTgxOWUtMWNkNTEzNjVmMThm
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm=&google_sc=&ssp=vidoomy&bsw_param=f9dd432e-8774-4dc1-819e-1cd51365f18f&google_hm=ZjlkZDQzMmUtODc3NC00ZGMxLTgxOWUtMWNkNTEzNjVmMT...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEAkRHQFJ13uOS1P9R_uwcLo&google_cver=1&ssp=vidoomy&bsw_param=f9dd432e-8774-4dc1-819e-1cd51365f18f
  • https://rtb.vidoomy.com/cookie/?exchange_cookie=f9dd432e-8774-4dc1-819e-1cd51365f18f&exchange_name=BSW
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f9dd432e-8774-4dc1-819e-1cd51365f18f
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f9dd432e-8774-4dc1-819e-1cd51365f18f
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.84.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-84-136.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
content-encoding
none
content-length
43
vary
Origin
content-type
image/gif

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=f9dd432e-8774-4dc1-819e-1cd51365f18f
date
Thu, 20 May 2021 11:47:17 GMT
cache-control
no-cache, private
server
nginx/1.19.0
x-powered-by
PHP/7.4.5
content-type
text/html; charset=UTF-8
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-37184521-1&cid=1391234738.1621511235&jid=974299060&gjid=350002664&_gid=1704321300.1621511235&_u=KEDAAEABAAAAAC~&z=1583242208
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 20 May 2021 11:47:15 GMT
content-type
text/plain
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
docallbackinfod7fa3c5b61a745178a04364afee3b5f7.js
ui.clevernt.com/ 		695 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ui.clevernt.com/docallbackinfod7fa3c5b61a745178a04364afee3b5f7.js
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
148.69.64.109 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS
host-109.clevernetwork.pt
Software
nginx /
Resource Hash
25404c8aa13246396fe1fcc7de144a5ed73ab0543a65a77df79d0d72114b6fed
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
cache
date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
strict-transport-security
max-age=15768000
expires
Thu, 20 May 2021 12:47:16 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a561596c61c00e1177647bf16d9c3657311e60304cc4f13bae903c9e806e4c75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 17:19:24 GMT
server
sffe
age
2425
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26290
x-xss-protection
0
expires
Thu, 20 May 2021 11:56:50 GMT
navbar.g
www.blogger.com/ Frame D754 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/navbar.g?targetBlogID=1596090506057536954&blogName=%C3%89+o+Time+do+Povo+-+Not%C3%ADcias+do+Corint...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.eotimedopovo.com.br/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.eotimedopovo.com.br/&vt=6403506931286267602&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=plusone,profile/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f119dba685412744632c6a30361b35c8b9607cab6a6aa0c59fceb0b3f99b740
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.blogger.com
:scheme
https
:path
/navbar.g?targetBlogID=1596090506057536954&blogName=%C3%89+o+Time+do+Povo+-+Not%C3%ADcias+do+Corint...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.eotimedopovo.com.br/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.eotimedopovo.com.br/&vt=6403506931286267602&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
2618
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ 		2 KB
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:500&subset=latin
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c16739b2471c717348631363c3a7fe6a49c381d846696168e6945a0f96781df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:47:15 GMT
server
ESF
date
Thu, 20 May 2021 11:47:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 11:47:15 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 50C0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:15 GMT
content-encoding
gzip
content-length
1828
content-type
text/html
last-modified
Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges
bytes
etag
"27034f886617b8db418f17a7a29a7e50"
cache-control
public, max-age=1209600
x-hw
1621511235.cds143.am5.hn,1621511235.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 4F19 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=64733351&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
673428a5cfedba07da4750246d430dcf68958ddfe52e2f9528a797be23a67587

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1366
truncated
/ Frame 3C32 		305 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.com/ads/ 		42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1391234738.1621511235&jid=974299060&_u=KEDAAEABAAAAAC~&z=1348209461
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-37184521-1&cid=1391234738.1621511235&jid=974299060&_u=KEDAAEABAAAAAC~&z=1348209461
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 26A4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
content-length
1828
content-type
text/html
last-modified
Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges
bytes
etag
"27034f886617b8db418f17a7a29a7e50"
cache-control
public, max-age=1209600
x-hw
1621511236.cds143.am5.hn,1621511236.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 83D1 		180 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092911&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=28090683&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
150
www-player-webp.css
www.youtube.com/s/player/fba90263/ Frame E317 		359 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:55:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118322
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46235
x-xss-protection
0
expires
Thu, 19 May 2022 02:55:14 GMT
www-embed-player.js
www.youtube.com/s/player/fba90263/www-embed-player.vflset/ Frame E317 		191 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118714
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64431
x-xss-protection
0
expires
Thu, 19 May 2022 02:48:42 GMT
base.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame E317 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118622
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476171
x-xss-protection
0
expires
Thu, 19 May 2022 02:50:14 GMT
fetch-polyfill.js
www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/ Frame E317 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118714
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Thu, 19 May 2022 02:48:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E317 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
136876
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 18 May 2022 21:46:00 GMT
www-player-webp.css
www.youtube.com/s/player/fba90263/ Frame 3703 		359 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:55:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118322
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46235
x-xss-protection
0
expires
Thu, 19 May 2022 02:55:14 GMT
www-embed-player.js
www.youtube.com/s/player/fba90263/www-embed-player.vflset/ Frame 3703 		191 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118714
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64431
x-xss-protection
0
expires
Thu, 19 May 2022 02:48:42 GMT
base.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame 3703 		2 MB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:50:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118622
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476171
x-xss-protection
0
expires
Thu, 19 May 2022 02:50:14 GMT
fetch-polyfill.js
www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/ Frame 3703 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:48:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118714
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Thu, 19 May 2022 02:48:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3703 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
136876
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 18 May 2022 21:46:00 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:500&subset=latin
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.eotimedopovo.com.br
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 19:10:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:02:34 GMT
server
sffe
age
146197
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29864
x-xss-protection
0
expires
Wed, 18 May 2022 19:10:39 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2CB0 		60 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e16ea7c8a0aa74f90c2e41bd4e47b0ca2605022c84f6c0c0245e461774a994b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 11:47:16 GMT
server
cafe
content-length
22654
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 20-May-2021 12:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame EA15 		86 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f58d6122bcc11fcb6dce0264db5faeb39a777f8ee43b65af9d0c903967aa126
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOX6omY2PACFZWLdwodcTwNcw&gqi=REymYN2oB83G7_UPyKG8OA&layout=/sadbundle/%24csp%253Der3%24/167177126177049833/Walbusch_TV-Banner_300x250/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOX6omY2PACFZWLdwodcTwNcw&gqi=REymYN2oB83G7_UPyKG8OA&layout=/sadbundle/%24csp%253Der3%24/167177126177049833/Walbusch_TV-Banner_300x250/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 11:47:16 GMT
server
cafe
content-length
31230
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 20-May-2021 12:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:16 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame D743 		405 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=90&adk=408567819&adf=1855375045&pi=t.aa~a.2506067586~rp.1&w=1100&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=1100x90&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=2&bdt=1396&idt=2&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600%2C288x240&nras=4&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=4740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8zBcPSMgcR&p=https%3A//www.eotimedopovo.com.br&dtd=54
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4f2d342a59cde989b1a0f70604169cc17169011d6c9fc5a02e87920b0629f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=90&adk=408567819&adf=1855375045&pi=t.aa~a.2506067586~rp.1&w=1100&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=1100x90&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=2&bdt=1396&idt=2&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600%2C288x240&nras=4&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=4740&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=8zBcPSMgcR&p=https%3A//www.eotimedopovo.com.br&dtd=54
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 11:47:16 GMT
server
cafe
content-length
205
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 20-May-2021 12:02:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:16 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 4592 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:20:05 GMT
server
ESF
date
Thu, 20 May 2021 11:47:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 11:47:16 GMT
/
lp.clevernetwork.pt/bet365/geo/de/grp1/ Frame 443E
Redirect Chain
  • https://sender.clevernt.com/transporter/42518.php?ppuc=1&ppu=0&id=443924&ref=aHR0cHM6Ly93d3cuZW90aW1lZG9wb3ZvLmNvbS5ici8%3D&ruri=&r=558937434&tok=85229512005211592258&iv=-1&ctr=DE&sz=1200&wn=&res=1...
  • https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12743a4d3c1792493fa6928d682e5685f80b3750199dd28aec652c4c0febdad0

Request headers

:method
GET
:authority
lp.clevernetwork.pt
:scheme
https
:path
/bet365/geo/de/grp1/?affiliate=365_00974178
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-type
text/html
x-amz-id-2
lNCi8va+BPArO3SQh90KdATRN/FB70Sill1ltybRbZoxYScDgwR+sKx91NOF/cpws97l//uJCbY=
x-amz-request-id
NB5GN2PRA9KBCQ72
last-modified
Thu, 22 Apr 2021 16:25:08 GMT
cache-control
max-age=1800
cf-cache-status
HIT
age
0
cf-request-id
0a2b3303d50000d6d935afd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YBysEafxyxTk3fmnQ%2FlUUpqjKJSv46ioM6VBn63ZwQ5MAIsmqCsVLwAfdGQkKo%2FP68ZJJIH8uVue4Uqyab%2FoQd0EMFM%2BwBsWNVptfSQfUjL8YP6zJK5h2i6iHaMFA5nP"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6525544c8cbed6d9-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Thu, 20 May 2021 11:47:16 GMT
content-type
text/html; charset=UTF-8
location
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
set-cookie
hstpv4user=eyJJRCI6IjgyNzUyODg4d2FuNjBhNjRjNDQ3MzM0ZSIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMjY3MDczNzE1OCIsIkxhc3RVcGRhdGUiOjE2MjE1MTEyMzZ9; expires=1653047236; path=/; domain=.clevernt.com; SameSite=None; Secure
expires
Fri, 27 Jun 1986 23:00:00 GMT
last-modified
Thu, 20 May 2021 11:47:16 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
pragma
no-cache
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
464986.gif
idsync.rlcdn.com/ Frame 50C0
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
  • https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
location
https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 50C0
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=ZyFkoJI3-vI&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bd7e2e0c-72d5-413c-8d88-fa50f9116bf6
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bd7e2e0c-72d5-413c-8d88-fa50f9116bf6
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:17 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=bd7e2e0c-72d5-413c-8d88-fa50f9116bf6
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame 50C0
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:16 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 50C0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
pragma
no-cache
date
Thu, 20 May 2021 11:47:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 50C0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mwFOrBmtRaV2MW3pWUrhDJ8wNwY
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mwFOrBmtRaV2MW3pWUrhDJ8wNwY
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=mwFOrBmtRaV2MW3pWUrhDJ8wNwY
Date
Thu, 20 May 2021 11:47:16 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
id
googleads.g.doubleclick.net/pagead/ Frame E317 		113 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0e2b85534746678d84586f3fcd8f214510990b44658d79e23c786b216f68ce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame E317 		29 B
91 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
372
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 20 May 2021 11:56:04 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 3703 		113 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06ad8f0ae899224fe055e708d4e03b41514d6ecfa491753e44b208e6e3aaf7a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 3703 		29 B
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:33:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
816
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Thu, 20 May 2021 11:48:40 GMT
t
t.lkqd.net/ Frame 95F4 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:16 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:16 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 23C3 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:17 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame AFCC 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1621511236.cds143.am5.hn,1621511236.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
platform:gapi.iframes.style.common.js
apis.google.com/js/ Frame D754 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform:gapi.iframes.style.common.js
Requested by
Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=1596090506057536954&blogName=%C3%89+o+Time+do+Povo+-+Not%C3%ADcias+do+Corint...&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://www.eotimedopovo.com.br/search&blogLocale=pt_BR&v=2&homepageUrl=https://www.eotimedopovo.com.br/&vt=6403506931286267602&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.p7L79FLXQCw.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6478f543c220b0ae26c3536bed75fb9d7beaa9e234618e42ad3eaee5580ad9da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nMhBVjr+J8vjFOu0Vf6nVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"13652bab588021655d05af6f5b79901e"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-nMhBVjr+J8vjFOu0Vf6nVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 20 May 2021 11:47:16 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 4592 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQg8eeuZ5lCuAqLLVFJ9e1yC-eJGTQPV7HwNviTzUkmv8SP46c&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d2c6fd64b5e06203af55f4c7b0c35b98229a12158e60e3782c453f2e6ca6f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 14:40:46 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Feb 2021 01:52:20 GMT
server
sffe
age
335190
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51406
x-xss-protection
0
expires
Mon, 16 May 2022 14:40:46 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4592 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTSIyYPRcKcdjQyBiWxn2SPGb1ytoJeCGps-PXn3Ed4nS7U868&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5e013c8289698cbe69050a6bdb7de3ed90ae6d965b763dde8b8de9cd09df0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 23:38:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 06:57:13 GMT
server
sffe
age
216546
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17311
x-xss-protection
0
expires
Tue, 17 May 2022 23:38:10 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 4592 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS40u3UUoJbuGOtdT4GI8bEam3CMdQ1fa4Bus1aqmD_bCpdKmgB&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
add3c3293a54e99376009fc1786f0c6bf83615d25637f7f2b98f944f5972a5b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 09:58:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 01:49:06 GMT
server
sffe
age
524946
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23174
x-xss-protection
0
expires
Sat, 14 May 2022 09:58:10 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 4592 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTihcAGbTwDf-uLIV5DkuotryxqRlmeWYg5FdL6dGFjNPkFyTGs&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af0b953fbbad22fc9d75012b31fb90ccb28c9dc583afdf89e6969d8737bc9175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 19:07:35 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Feb 2021 02:30:55 GMT
server
sffe
age
232781
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42173
x-xss-protection
0
expires
Tue, 17 May 2022 19:07:35 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4592 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSDJdqDCZPfWjxyoXFhafiLOIzT-79nSAT1QFeki02n_xxbtJvMY7HNm9KTBJ0&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a4aec91290b3fe4a7a6a59ca89863a6c779375ab6807790b6e0bc1550859197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 May 2021 13:26:05 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 02:13:00 GMT
server
sffe
age
253271
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20870
x-xss-protection
0
expires
Tue, 17 May 2022 13:26:05 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4592 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRE4jGpIbUBSrBr72msYvLqYimoeiytIj5PDcXf80b8-gxBybqF2xV1WtW6PQ&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0f905875d084d23746c5d70106f64990d22fd7bcaf9e967c3ec57b95e18b954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 04:15:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Mar 2021 03:27:39 GMT
server
sffe
age
199929
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23335
x-xss-protection
0
expires
Wed, 18 May 2022 04:15:07 GMT
12292211746583241485
tpc.googlesyndication.com/simgad/ Frame 4592
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr64iePBCwCRiwCTIINoIjV4alR1E
  • https://tpc.googlesyndication.com/simgad/12292211746583241485
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12292211746583241485
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
801ffc320183425aad8f1d94a5b76c6cadb00703f12ccd83dd997cd941c520cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:22:11 GMT
x-content-type-options
nosniff
age
5105
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30912
x-xss-protection
0
last-modified
Mon, 16 Sep 2019 23:08:24 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 May 2022 10:22:11 GMT

Redirect headers

timing-allow-origin
*
date
Thu, 20 May 2021 08:10:09 GMT
x-content-type-options
nosniff
server
cafe
age
13027
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/12292211746583241485
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 19 Jun 2021 08:10:09 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4592 		1 KB
989 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:45:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 4592 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7009
x-xss-protection
0
server
cafe
etag
607056201285360291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:45:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4592 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:45:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4592 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 4592 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:40:51 GMT
l
www.google.com/ads/measurement/ Frame 4592 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdt0wb_22ym-KWrDNJxxRRDgUGEY_NSoYU95CTwNzeaTiH98y4m1bkI0xbSJfxa8i2VjF3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6bd41964be010df5460da51c4a6824b5.js
www.gstatic.com/mysidia/ Frame 4592 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6bd41964be010df5460da51c4a6824b5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 12:30:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 14 May 2021 23:56:38 GMT
server
sffe
age
170212
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10390
x-xss-protection
0
expires
Mon, 16 Aug 2021 12:30:24 GMT
remote.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame E317 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118621
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30864
x-xss-protection
0
expires
Thu, 19 May 2022 02:50:15 GMT
HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
www.google.com/js/th/ Frame E317 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:15:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 11:00:00 GMT
server
sffe
age
5477
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13280
x-xss-protection
0
expires
Fri, 20 May 2022 10:15:59 GMT
embed.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame E317 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118621
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7452
x-xss-protection
0
expires
Thu, 19 May 2022 02:50:15 GMT
truncated
/ Frame E317 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwng4iF63z5pkw-nwwT_xEVc6c7EyaI4gn6Q2p4zbKxg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame E317 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwng4iF63z5pkw-nwwT_xEVc6c7EyaI4gn6Q2p4zbKxg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e7cd7469392be9dbe1eaeeab2225a4a50ee88909239b51e870a3f79d42e4e685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4024
x-xss-protection
0
server
fife
etag
"v1c315"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 09 May 2021 00:31:40 GMT
sddefault.webp
i.ytimg.com/vi_webp/HiZ8OQj6u20/ Frame E317 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/HiZ8OQj6u20/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8686abb6033571fa720501e82074d0f55db1eb166e601a045a7d99ce0b27a821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:21:39 GMT
x-content-type-options
nosniff
server
sffe
age
5137
etag
"1617754994"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30584
x-xss-protection
0
expires
Thu, 20 May 2021 12:21:39 GMT
remote.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame 3703 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118621
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30864
x-xss-protection
0
expires
Thu, 19 May 2022 02:50:15 GMT
HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
www.google.com/js/th/ Frame 3703 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:15:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 11:00:00 GMT
server
sffe
age
5477
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13280
x-xss-protection
0
expires
Fri, 20 May 2022 10:15:59 GMT
embed.js
www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/ Frame 3703 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 02:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 19 May 2021 01:59:33 GMT
server
sffe
age
118621
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7452
x-xss-protection
0
expires
Thu, 19 May 2022 02:50:15 GMT
464986.gif
idsync.rlcdn.com/ Frame 26A4
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
  • https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
location
https://idsync.rlcdn.com/464986.gif?partner_uid=ZyFkoJI3-vI
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 26A4
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=ZyFkoJI3-vI&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=fd429497-9ac1-4d6b-a251-2f627354c564
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=fd429497-9ac1-4d6b-a251-2f627354c564
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:17 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=fd429497-9ac1-4d6b-a251-2f627354c564
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame 26A4
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:16 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=ZyFkoJI3-vI
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 26A4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=8810514527564741566
pragma
no-cache
date
Thu, 20 May 2021 11:47:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 26A4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VZjMczHaSBhsoFM90uHxq58wNwY
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VZjMczHaSBhsoFM90uHxq58wNwY
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=VZjMczHaSBhsoFM90uHxq58wNwY
Date
Thu, 20 May 2021 11:47:16 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame 4592 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPzzkQ0ymYPPALIrU3gO-o6yAB72Hp-lip-6bs8oN8Lu0mPsZEAEgh-HWOGCVAqABuf--7APIAQmpAjmvuxWkeLQ-qAMByAPLBKoExQFP0AFkaU08Kd1YHNw42RZUxlQEQgcsBZpuEAEW51aNvFLcCCWeQFuv2jxtE-uFFKHT-eBJpd9EiHVGoOhHuy72UF6Dd6hQE3jwkuCiENKj8G5Bd7UDHRKXECMAjnowWYAyJVwr7cy7ydSdjkoFJJYpQrfejZkaUOBdAA4qMfxdHbPMEPP4rD-eo3s2cchvf3nFUhPFNNgpk6SMUWwPbL0w5q-C5-_NAoW05aPrkJXACbYDdaE-6gmemox7O9x7lMa-q6Hy28AE3Mue0f4CkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_qyhxaoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEIrxAdIICQiA4YBwEAEYH4AKAcgLAdgTC4gUA9AVAYAXAbIXGgoYCAASFHB1Yi02NjgyNjEwOTE2ODg1MTE0&sigh=89UrhvLIFNY&template_id=494
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 May 2021 11:47:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 3703 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwng4iF63z5pkw-nwwT_xEVc6c7EyaI4gn6Q2p4zbKxg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3703 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwng4iF63z5pkw-nwwT_xEVc6c7EyaI4gn6Q2p4zbKxg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e7cd7469392be9dbe1eaeeab2225a4a50ee88909239b51e870a3f79d42e4e685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4024
x-xss-protection
0
server
fife
etag
"v1c315"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sun, 09 May 2021 00:31:40 GMT
sddefault.webp
i.ytimg.com/vi_webp/PqJe0OuJSMI/ Frame 3703 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/PqJe0OuJSMI/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0d666dfc4416a7841e781a81cadb22a7937539a64f2a14432453b536bc213ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:21:39 GMT
x-content-type-options
nosniff
server
sffe
age
5137
etag
"0"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29390
x-xss-protection
0
expires
Thu, 20 May 2021 12:21:39 GMT
truncated
/ Frame 4592 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db0c9785208fdea5b092fda05366e44b3d9d76d6137de8dd5d1e29bfcac55ad6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/ Frame 5B15 		65 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a92a9cd54fd072269ace6f56208502fac2fa2ceea167a09cd539f628b789d02c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 13 May 2021 22:25:54 GMT
expires
Fri, 13 May 2022 22:25:54 GMT
last-modified
Thu, 04 Mar 2021 14:53:54 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
9621
age
566482
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame EA15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoIUNREymYKPlB5WX3gPx-LSYB56d8oth-ana08ENv-EeEAEgh-HWOGCVAqABoqDv8wPIAQmpAgMANKBib7Q-qAMByANIqgTDAU_Q0Or8ex-_iKAXye5xrvL3ojdjrj16CSJ6Q-5RnpGLSVtnAsKhTfTKHGYL40ehigzN1MCzEV-7mIbrtn15nTsAIQBgmSgo1I_hXJdNs7GzElMqYBhs9ou4zGV3pYXioWcnzsHHtLXQk41nHiqB_VG3uvtzbRj_LIdooMaubJhpxVLl-MYLZW8Q_2fVhr19cojkd-HxJnL43kgSrADE39qYIyX2WyZkRxQXvilyxUGR_InQQjOudr4gKgCv6LSCiC8VusAEstqzyZECkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8bfkAyoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwMQ913SCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItNjY4MjYxMDkxNjg4NTExNA&sigh=77WUupEQC_I&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 May 2021 11:47:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame EA15 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7009
x-xss-protection
0
server
cafe
etag
607056201285360291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:45:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame EA15 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:45:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA15 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame EA15 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:40:51 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame EB2A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
lkqdidts=1621511236; lkqdid=ZyFkoJI3-vI; sr55=1||1621511236; sr102=1||1621511236; sr94=1|8810514527564741566|1621511236; sr99=1||1621511236
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
content-length
1828
content-type
text/html
last-modified
Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges
bytes
etag
"27034f886617b8db418f17a7a29a7e50"
cache-control
public, max-age=1209600
x-hw
1621511236.cds143.am5.hn,1621511236.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0
ad
v.lkqd.net/ Frame AFCC 		0
0
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/ Frame D754 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.p7L79FLXQCw.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO6hl1EejjzC-wrWbDdgTxPi0Gs8g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.blogger.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 18:28:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 20:19:21 GMT
server
sffe
age
580715
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41440
x-xss-protection
0
expires
Fri, 13 May 2022 18:28:41 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.eotimedopovo.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DC7E 		405 B
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=90&adk=147768277&adf=2663560246&pi=t.aa~a.1726328726~rp.1&w=1100&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=1100x90&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236068&bpp=1&bdt=1401&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600%2C288x240%2C1100x90&nras=5&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=4780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&psts=AGkb-H8BN-VBVjvWx8TrD5N5_LVn6-O_RsuC-rLHvNpW7Ys0ps5U5oHoze73ZBL5Kcqtn6Gzaz_gi_lfho2acA&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=vRoWyS0cZD&p=https%3A//www.eotimedopovo.com.br&dtd=805
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a537d2bafd46996b3ca23da217a06e2c4dd9ac0c5f6d8b8010b0820df53890b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=90&adk=147768277&adf=2663560246&pi=t.aa~a.1726328726~rp.1&w=1100&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=1100x90&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236068&bpp=1&bdt=1401&idt=1&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600%2C288x240%2C1100x90&nras=5&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=250&ady=4780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&psts=AGkb-H8BN-VBVjvWx8TrD5N5_LVn6-O_RsuC-rLHvNpW7Ys0ps5U5oHoze73ZBL5Kcqtn6Gzaz_gi_lfho2acA&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=5&fsb=1&xpc=vRoWyS0cZD&p=https%3A//www.eotimedopovo.com.br&dtd=805
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkWb3txhZzdq-fhjhZtYC6QMaqoAUTnV3mBvaGNcos5ey7oH9XvgC2qyDu9Bqk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 20 May 2021 11:47:16 GMT
server
cafe
content-length
205
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 4592 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 03:57:13 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
age
546603
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
expires
Sat, 14 May 2022 03:57:13 GMT
10866545336246603622
tpc.googlesyndication.com/simgad/ Frame 2CB0 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10866545336246603622?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm9Pt4Rsj5L6zTuqmglmwhWDcIRkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67fbea157a5a4b567c7f5c5d3d7e49898b24886ef7918dab2a6cc43a301a4575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 14 May 2021 07:08:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Apr 2021 06:29:42 GMT
server
sffe
age
535108
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55582
x-xss-protection
0
expires
Sat, 14 May 2022 07:08:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/ Frame 2CB0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7009
x-xss-protection
0
server
cafe
etag
607056201285360291
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:45:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2CB0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:45:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2CB0 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1621424119306032"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36804
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2CB0 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
server
cafe
etag
8169261014141303515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:40:51 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/ Frame 2CB0 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210517/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:14:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1944
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10380
x-xss-protection
0
server
cafe
etag
16922886349488815302
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 03 Jun 2021 11:14:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2CB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTlvJREymYJaqB4j23wOJ9LmIBP6LsMNip4796NwN2p_QlqEkEAEgh-HWOGCVAqAB-_PR9QLIAQKpAuMvIzG0b7Q-qAMByAPJBKoEwQFP0EbHJESkoD6PprB0PrelUN9BGt2IdcR5l5G3ezt2OqkqnW7_qy4OW0LGypje_mJvwo6NeBplok3jb0yhoKC8rqTO3TXOgMsNnpjQrxQwrPHTgasQpylfnT4okM_gQaadlv4IdJ5ytkAZCD56GQJXnJt2FZqGlzRrei_ZXvSYBJIf7crF1fYpELPgdplkq9vXDfCJRi8KfZ1qPyERHsP6FYBnRlDpJkQwB-ZFxnPv3TkrJ74Qf_AivpWrPE5x2rIqwASR0KXzwgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH7YuuigGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQrO4B0ggJCIDhgHAQARgfgAoByAsB2BMN0BUBgBcBshcaChgIABIUcHViLTY2ODI2MTA5MTY4ODUxMTQ&sigh=g_SV4UvcP2Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 20 May 2021 11:47:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
style.css
lp.clevernetwork.pt/bet365/geo/de/grp1/ Frame 443E 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00fc655c4fbe724eb6a21f2eec916c44ce1063336946ab80c3245837eeee4a46

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1666
cf-polished
origSize=13264
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
089J68RW87836QBT
x-amz-id-2
cnjJOlJrceGUcofGgd9kaLyV9IzUMPPOEqy8aFyDpCgw3P7k79sF2txtX6nqchvskGIqzvwSkhs=
last-modified
Thu, 25 Mar 2021 16:22:46 GMT
server
cloudflare
etag
W/"073b2a488822242d9939349f5e73737e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1%2BiKBgIYEs9%2BIfrIOcxliRigR%2BRzuPBU276JFSRl47a2OFsGWjb7qELvkxkAMmq5%2FtGRLxj5xbeMf98ep8VremTbwpYHQRYbUA5%2FzOyz15i01tr9BqV0QgNB83FKFPcK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-request-id
0a2b33053e00004abca0028000000001
cf-ray
6525544ec8a14abc-FRA
cf-bgj
minify
ad.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ad.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1660
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
26AZFKX33WR1B3X4
x-amz-id-2
g9wO4zZjB5HpxaXK0Iph3vcyCRBKq4ljNQiaPI6R0tPSaU9O7Q7QlOHipxFdJY+3g+zpsgPpz5E=
last-modified
Thu, 08 Apr 2021 16:03:25 GMT
server
cloudflare
etag
W/"479e7dbe9215ddc11cd4defff4f3eb85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TRp4d%2FbJp29rz1ndCdOnYqQDBuaNLzJxBk%2BzPLg92f6Tolxd5Vg1%2BtjEX%2FiZM1%2FBlcEwwhG0ZlbSkylaZ%2FzsMtUkz2tYhtooU%2BcTJcekM8VrkA3JHOYoJI1W%2BU3AXDFb"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a2b33053e00004abc3b07b000000001
cf-ray
6525544ec89f4abc-FRA
logo.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/logo.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de22e7410801e46a717cbc8e490111cf960a8a979a626eb374a5a87eefe7f7a

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1661
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NHRENR1E20Q1H3NZ
x-amz-id-2
kcQVpFcrZbgxk/kBuHIVW19EF+N9J1IPS2t8RyYlnRn8vwJhDJS4J9HmbiP863FCKMJHAcA1r54=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
W/"7857867938e1f720dc64fd585176f376"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AUwBPgt%2BzxKzcXwd3IK5uW%2BoKamlOejAMUrqpqxS4oPWd9GrXC8MUm8kMMI3vOibQZj0BRqYt3y%2BagdPZETMBHfUuGkU9WkjEJHbk8%2FwG3TDuV9X90zGySBh7VgpqAuI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a2b33053e00004abc5e1e1000000001
cf-ray
6525544ec89e4abc-FRA
copy1-pushmobile.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy1-pushmobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5555ec1375f73bdb2d5df071a8dfb3d54d5f5081b10a5ac573e53fede97aea49

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
193
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DRM0QCEM4H2E29FW
x-amz-id-2
RmNdXT+8JpCi2X1Tc2RN2uqcQhweLeFA/uIdAT149b/5OtO2HHjsITG0cszzmUVJLXumyaZ11ag=
last-modified
Mon, 29 Mar 2021 17:50:45 GMT
server
cloudflare
etag
W/"1d1e3546d5f3b6cbacb6c00058bd9ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GVq1hahVvav3NOuRv6kKonUIctW9WxqT6L9TgihU51udTbs46M3bQl3Uw%2F2SFDdcaME0nuiDhakQG8RVvHoMZi4bj1EHRz%2FpEq%2FuDzdYRQQlHbxNkNNOHQQ9Dbwt833V"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a2b33053e00004abc32115000000001
cf-ray
6525544ec8a44abc-FRA
copy1-pushdown.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy1-pushdown.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b6b15645987e1fdcbb99f4bc155dd682c0a9c21d54535b105d0301061274b7

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1661
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DRM6XW6EQJTXYHC7
x-amz-id-2
45r/Eg9o9bftJv0i4u+c3Na8GaJ9Sia41fJBRtnvWjby3E6yyXSpYyDlc6hC35nusPlHUuUr/j0=
last-modified
Mon, 29 Mar 2021 17:50:45 GMT
server
cloudflare
etag
W/"c3c9c247689dbb5f539f3561fae9b2c7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MwbJA78j2L8iu9iEMbKrGSYFYJnNT44BjwTjX0SXdmSP4kY3duqbFeDDBdpIYr5yOauM7WuEUoAggyhQRKUPrxIqLNHAH2rit3R3%2F3E4v%2F59E%2F1%2BJny0oqgR0%2FUg%2F1aG"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a2b33053d00004abc7f337000000001
cf-ray
6525544ec8964abc-FRA
copy2-pushmobile.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2-pushmobile.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ed0ea5ae2d150352120293b163c96db03e32d02f657a587ad7136724dd2a7f

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1661
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NHRE9Z2905TTJQ41
x-amz-id-2
sLoHkRr0h3ql/EFsplGQYSFOEOB4Jvh+f5vtNzWMgQPg6kjZNIXQ9xWjbK0pW3Ja37Gll5ZTsDQ=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
W/"f88383f2a59eca584ff1697dff801e76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BlfSGEQBqzpeyFKb%2BWWKZFzG2gb%2BXwtUTEkp3S%2F3FJ3vJbHEoPw%2FNVd8HP6qdTDhdErDurEsWCeywS0qapfdP2e42cgwvDgn1hHMaGyNk4qS%2FswDdQwao2pvZPAv%2FMZT"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a2b33053e00004abc7aadb000000001
cf-ray
6525544ec89b4abc-FRA
copy2-interstitial.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2-interstitial.svg
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d94dd33376cb72c46adf34ec182798c1c0374cd6547f891bbe7b0b1316190e0

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1078
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
WMM1TWG4SFV25SMV
x-amz-id-2
FDbfX0ysMXa37J00VnBOM92JGDneUVIkdjDcd3W1zR5KvTVDojwlsvTelJ7OEzPm97YLyf7RLtE=
last-modified
Thu, 20 May 2021 10:29:12 GMT
server
cloudflare
etag
W/"f8c347b470b47b4d3735c370cafd9813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2oHMi515R%2FOEFjap1mQs3cCld79c%2B4DdZTH48hA7Bsw8IbHyIU79RWgA1Zn3YFrvRvWywNJizRfgydjXFWtoFclJ6WxBV5X1sjD62krbFNRAT3rnxvgoulUxivSK1a8I"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a2b33053d00004abc568c2000000001
cf-ray
6525544ec8994abc-FRA
copy2-interstitial.svg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/copy2-interstitial.svg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d94dd33376cb72c46adf34ec182798c1c0374cd6547f891bbe7b0b1316190e0

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1661
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
NHRA2YEV9RJNZWYF
x-amz-id-2
Svr6xTHwygvuLhySGUERq8P8fkFLQ3ob40+P73hhBRgMyaVHzHyekGMWV6LfNpTHS3gQ/WJAfus=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
W/"f8c347b470b47b4d3735c370cafd9813"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kg3a%2BGVfEH%2FaTY0W6JS%2F83T5ZIZpNzTVnO3rp9Vy1mf7o9FAoh4eeLphVefbrVGTmo7OKpPlHQgx1Aa0j9llwJOkGWW49gQWAiRn%2FDc%2BST5pSKSTWbyZLkow5N1q9NZ7"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=1800
cf-request-id
0a2b33053d00004abc7d2e3000000001
cf-ray
6525544ec8984abc-FRA
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 443E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0a2b330535000005d4341e3000000001
last-modified
Wed, 19 May 2021 09:21:20 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60a4d890-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d6K%2F76ydFToCnth3i3Kq8AeRN6XyIEg30booOlAftrdL0qAHC%2FmzDGu8CqlSNadA5Kh0EkzcTiFntuWqdw7XZPcSbvtG0%2FZBfD8ztRuOGHh43grZy%2BV9Rh4wbF7ENkob"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
6525544eb88b05d4-FRA
expires
Sat, 22 May 2021 11:47:16 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E6EA 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkWb3txhZzdq-fhjhZtYC6QMaqoAUTnV3mBvaGNcos5ey7oH9XvgC2qyDu9Bqk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 May 2021 10:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3006
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E317 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:16 GMT
generate_204
www.youtube.com/ Frame E317 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?tx2XgQ
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame EA15 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80355a308910ef9d461fbf61a0076f7efa3a287a32249f3839628d3e1ebf56b8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3703 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:17 GMT
generate_204
www.youtube.com/ Frame 3703 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?Dde4qA
Requested by
Host: www.eotimedopovo.com.br
URL: https://www.eotimedopovo.com.br/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
pagead2.googlesyndication.com/bg/ Frame 4DFB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&slotname=7847638580&adk=2545567975&adf=2877706049&pi=t.ma~as.7847638580&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511235701&bpp=3&bdt=1034&idt=3&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3D512d2c852bd3847e-22c17cbf44c80033%3AT%3D1621511235%3ART%3D1621511235%3AS%3DALNI_Ma80Ywafa22oRJfYRWhySusi3yswQ&prev_fmts=697x175&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3ncaUd3z0W&p=https%3A//www.eotimedopovo.com.br&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:19:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
1667
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5773
x-xss-protection
0
expires
Fri, 20 May 2022 11:19:30 GMT
css
fonts.googleapis.com/ Frame 443E 		7 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4d30678d5e72b36305bab11a7d8d24d3fe23d7714031dd57c8d88c77b7ab9803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://lp.clevernetwork.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:14:34 GMT
server
ESF
date
Thu, 20 May 2021 11:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 11:47:17 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:17 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 07B7 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:17 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3402 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkWb3txhZzdq-fhjhZtYC6QMaqoAUTnV3mBvaGNcos5ey7oH9XvgC2qyDu9Bqk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 20 May 2021 10:57:10 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3007
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
clever.de.min.js
lp.clevernetwork.pt/bet365/js/ Frame 443E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.clevernetwork.pt/bet365/js/clever.de.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/?affiliate=365_00974178
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1083
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
F9NXMWHKBGGBGCBD
x-amz-id-2
oDGuw/2DXgJ5zzhBT2kQmZV6G04WfKCpujdhmCuG63r3udIclnBNPxg4SPMn8bZlni6Z+tFg2DM=
last-modified
Tue, 18 May 2021 17:28:18 GMT
server
cloudflare
etag
W/"f608a5d30dd77ed8de7ceb968e854f04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OxSchUhf9%2BTNEMV%2BjuSPU7p3Dq5DDopbqseos2mkx2VKIHzOBKWPDOpGF6h33U87nWTAsFIH%2BGBY373P%2BHdt9lCalnqZwp5mCYKza8oZuHInaR1FhT9ejc6xsUeBGQ%2Fe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-request-id
0a2b33063400004abc6887d000000001
cf-ray
652554505cd54abc-FRA
truncated
/ Frame 2CB0 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58295361eb6d75ef292f1dc204a3f8be1f4a90bb186cd741db7773bc0a9856a2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5B15 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 23:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43992
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 20 May 2021 23:34:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5B15 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 20 May 2021 23:11:01 GMT
css
fonts.googleapis.com/ Frame 5B15 		4 KB
643 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 20 May 2021 11:16:07 GMT
server
ESF
date
Thu, 20 May 2021 11:47:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 20 May 2021 11:47:17 GMT
bild_1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/ Frame 5B15 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/bild_1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e72826a8e96483432e7b075dd5f3280559ef6ba34b824b78c7446f590be3192
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
567692
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30887
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 14:53:54 GMT
server
sffe
date
Thu, 13 May 2021 22:05:45 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 May 2022 22:05:45 GMT
bild_2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/ Frame 5B15 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/bild_2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e0af1f2b8e2a591b08c11fc9268a9cb0e38c94434dda039f6c160ce3057aec3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
4401
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19485
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 14:53:54 GMT
server
sffe
date
Thu, 20 May 2021 10:33:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 May 2022 10:33:56 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/ Frame 5B15 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/logo.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
590954
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1082
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 14:53:54 GMT
server
sffe
date
Thu, 13 May 2021 15:38:03 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 May 2022 15:38:03 GMT
cta-icon.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/ Frame 5B15 		198 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/cta-icon.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
120805
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 14:53:54 GMT
server
sffe
date
Wed, 19 May 2021 02:13:52 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 May 2022 02:13:52 GMT
cta-text.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/ Frame 5B15 		1 KB
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/images/cta-text.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/167177126177049833/Walbusch_TV-Banner_300x250/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
17847
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Thu, 04 Mar 2021 14:53:54 GMT
server
sffe
date
Thu, 20 May 2021 06:49:50 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 May 2022 06:49:50 GMT
320x320_7.gif
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/320x320_7.gif?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3497390085aa40385402f6a26da4fe771c8b63ab4caf5a5be0033794c181db

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3116
cf-ray
652554509d6c4abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
102733
x-amz-id-2
VQ3+2Q9TiobUd6yFN1KUajksGJn5QCvArwg9WAMFfF996P5wDI/TMCNNnQ+WEj7ZfpBl/2lBJv0=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"ca579b3142ddb16f50d36ff80ad9170a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H02VJK5wEPPgtNQh%2FTpDISmaADzXuOXHXusEy7FKL7ObuXdiX2qSgggeFzseyhdpSKHNPQf%2B957LR1Ojr4gnY2fEsFGgKe4PwK1JNuCLSLD8sLadf2Op%2BjATu1a7bYOa"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
PDC0KZVF6YKA7AZD
cache-control
max-age=1800
cf-request-id
0a2b33066000004abc4da2d000000001
accept-ranges
bytes
content-type
image/gif
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 443E 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:31:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
age
137741
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
expires
Wed, 18 May 2022 21:31:36 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 5B15 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:32:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
age
137711
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
expires
Wed, 18 May 2022 21:32:06 GMT
cs
cs.lkqd.net/ Frame EB2A
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20f5b36a-5fb8-45e4-aaaf-3f772a11b95e
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20f5b36a-5fb8-45e4-aaaf-3f772a11b95e
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_20f5b36a-5fb8-45e4-aaaf-3f772a11b95e
date
Thu, 20 May 2021 11:47:17 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
clear
content-length
0
cm
p.rfihub.com/ Frame EB2A 		42 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:17 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame EB2A
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=85&redirect=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db30%26u%3D%24%24rawlkqduserid%24%24%26redirect%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%2...
  • https://a.tribalfusion.com/i.match?p=b30&u=ZyFkoJI3-vI&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://s.tribalfusion.com/z/i.match?p=b30&u=ZyFkoJI3-vI&redirect=https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D$TF_USER_ID_ENC$
  • https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185290124034
0
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185290124034
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:17 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
229
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6525545339ff4aaf-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId%3D85%26partnerUserId%3D18072662185290124034
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b33080500004aafbdbbe000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame EB2A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACBqE7BTJkAACzldKpdXw
43 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACBqE7BTJkAACzldKpdXw
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACBqE7BTJkAACzldKpdXw
Date
Thu, 20 May 2021 11:47:17 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame EB2A 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set DefaultAff.aspx
members.bet365.de/Members/Helpers/ Frame 616C 		84 B
715 B 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.de/Members/Helpers/DefaultAff.aspx?affiliate=365_00974178
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/js/clever.de.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.94.208.229 Stoke-on-Trent, United Kingdom, ASN34587 (HLM2-AS, GB),
Reverse DNS
Software
/
Resource Hash
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba

Request headers

Host
members.bet365.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://lp.clevernetwork.pt/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://lp.clevernetwork.pt/

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
ME-Redirect
PQB
Set-Cookie
Affiliates=Code=365_00974178%2f98068550464&prd=Sports; domain=.bet365.de; expires=Sun, 04-Jul-2021 11:47:17 GMT; path=/; secure ; SameSite=None session=processform=0; path=/; secure ; SameSite=None pstk=75B8AAC5868848C8BAF31D483D2C56BE010003; domain=.bet365.de; path=/; secure ; SameSite=None
Date
Thu, 20 May 2021 11:47:17 GMT
Content-Length
177
728x90_7.gif
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/728x90_7.gif?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c513eec67ecc7220fb8aeed063c869a5baa885f86ab1110f287c901c340e49a

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
838
cf-ray
652554512f084abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67680
x-amz-id-2
aomGbx4lksbCEECs5CJhafvn34jvkYVReyPWH9aYJeAvvBWmDpwuawEzDbEFQD+oAm+MV2fwQYA=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"4a28bfeb67951e81ebba647ae02d0a4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F7CdSbTGfPchmeDyAq%2BzE022DgJFWVv7XIFPaEKprjEOsccq1A0AWw%2FSUJzwOU0j5IaiIHngknXIu5zi%2B%2BS8wySxF83%2BozpuWdd0yyRDXvU4P%2FB5Y66Uhe7rQ9cv9VmJ"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
6BE7CHV02DD12749
cache-control
max-age=1800
cf-request-id
0a2b3306b900004abc95ada000000001
accept-ranges
bytes
content-type
image/gif
720x300_7.gif
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/720x300_7.gif?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac42fb5f97fc83828338609d785d23b7a9ad79ede0128f9be8f8bc373e6cb232

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1417
cf-ray
652554514f6b4abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
194772
x-amz-id-2
4ntUtf4MeIDgNQM92uZPxfzqr+2msbI1KPlCKqZDWfDMysrtoKogbfxwJS4Rhp6rphwKwHdADtk=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"8f800ccc15b927e2a9656ebb98fffa41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pb0%2BzGb2nZynSJ98c8vNTywVPHE2DuE0r9Im77vRYVGWhP22O2ZbVBnxg3s4LWqMrYgWv9I36GWsn7S4f9je8TTPGDK97Qqz8q8GWhcaB9Pn3JgsId8LhStkb9r3pJhz"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
PDCC6FRDSV689EC7
cache-control
max-age=1800
cf-request-id
0a2b3306d000004abc568ea000000001
accept-ranges
bytes
content-type
image/gif
si
googleads.g.doubleclick.net/pagead/drt/ Frame E6EA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=240&adk=4233806101&adf=3090203552&pi=t.aa~a.3687731992~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x240&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0%2C288x600&nras=3&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=3447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=oYuZx0WN2s&p=https%3A//www.eotimedopovo.com.br&dtd=44
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkWb3txhZzdq-fhjhZtYC6QMaqoAUTnV3mBvaGNcos5ey7oH9XvgC2qyDu9Bqk; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 20 May 2021 11:47:17 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 20-May-2021 12:47:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 20 May 2021 11:47:17 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3402
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkWb3txhZzdq-fhjhZtYC6QMaqoAUTnV3mBvaGNcos5ey7oH9XvgC2qyDu9Bqk; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 20 May 2021 11:47:17 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 20-May-2021 12:47:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 20 May 2021 11:47:17 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 20 May 2021 11:47:17 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
pagead2.googlesyndication.com/bg/ Frame D34C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-6682610916885114&output=html&h=600&adk=2566266563&adf=1269499400&pi=t.aa~a.2379756499~rp.4&w=288&fwrn=4&fwrnh=100&lmt=1621511102&rafmt=1&to=qs&pwprc=5515570950&psa=0&format=288x600&url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&flash=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1621511236063&bpp=1&bdt=1395&idt=-M&shv=r20210517&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=697x175%2C288x600%2C0x0&nras=2&correlator=4651854520349&frm=20&pv=1&ga_vid=1391234738.1621511235&ga_sid=1621511235&ga_hid=1232767995&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1027&ady=2567&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060957&oid=3&pvsid=2036474664545921&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=oNFQIxBvyq&p=https%3A//www.eotimedopovo.com.br&dtd=37
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:19:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
1667
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5773
x-xss-protection
0
expires
Fri, 20 May 2022 11:19:30 GMT
bg_1500x400.jpg
lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/ Frame 443E 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.clevernetwork.pt/bet365/geo/de/grp1/imgs/bg_1500x400.jpg?v=2
Requested by
Host: lp.clevernetwork.pt
URL: https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:af8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0baf9ab3059e9d198b54fac80a927d5ba1ded8181f9f69ebf0f5148e6b7a8dbc

Request headers

Referer
https://lp.clevernetwork.pt/bet365/geo/de/grp1/style.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:17 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1550
cf-ray
652554518fda4abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40884
x-amz-id-2
t3+v8I/dQwwYX+qDa3IZ0bcVtNUYIptrmDLR9FVIf4CqOQoSJhJgJQ7mGRBzXbzoLpCQdVRYAQI=
last-modified
Mon, 22 Mar 2021 17:40:46 GMT
server
cloudflare
etag
"1ddda5a3ee812a76cb8e9fa935449c30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CXV4aIU7zhkxumKHH%2FkJVKc2iAfQNiDAV4A1UxWfmwh9YyltABa2kWNWan7DKDklJVgZUis68Nn1eYA91O1al7cWVJE2WrT8JtPjARvzcxdp0%2Bb2hiAMtNit%2Fs1BWwVm"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
PDC0CF9TZVWH5JB9
cache-control
max-age=1800
cf-request-id
0a2b3306f400004abca5305000000001
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
pagead2.googlesyndication.com/bg/ Frame 5B15 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:19:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
1667
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5773
x-xss-protection
0
expires
Fri, 20 May 2022 11:19:30 GMT
mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 443E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://lp.clevernetwork.pt
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:32:29 GMT
x-content-type-options
nosniff
last-modified
Tue, 18 May 2021 21:21:26 GMT
server
sffe
age
137688
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14956
x-xss-protection
0
expires
Wed, 18 May 2022 21:32:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210517&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33594966b2582bbcde7c59c7a3385623efda6eddab33f4490304a2b564b39dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 20 May 2021 11:47:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7653
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210517/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6682610916885114&plah=www.eotimedopovo.com.br&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:18 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1139 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Thu, 20 May 2021 11:36:46 GMT
expires
Fri, 20 May 2022 11:36:46 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
632
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B67B 		783 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d209ba59e4e7d29c1caca29059a29ac386feea796d23c1211331f8204f077276
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZwVVz8sTakSr58ol+fEkqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.eotimedopovo.com.br/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.eotimedopovo.com.br/

Response headers

expires
Thu, 20 May 2021 11:47:18 GMT
date
Thu, 20 May 2021 11:47:18 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ZwVVz8sTakSr58ol+fEkqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
pagead2.googlesyndication.com/bg/ Frame 1139 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0eWRs9v2owYuE6yDy88utlgh72O1yDgkHmBZb7_hHjI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:19:30 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 09:08:00 GMT
server
sffe
age
1668
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5773
x-xss-protection
0
expires
Fri, 20 May 2022 11:19:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210517&jk=2036474664545921&bg=!WFulWx_NAAZ7hX_Ue4U7ACkAdvg8WiSjy42G67JyyBhI1Lweyd19vmm17GLJghPGQwBG9RBkv3FOLQIAAABIUgAAAAxoAQcKAQJo0wSxPPb5tHdH4Ycel2V3s2kk-DKc4-L0tQup1l6wrJuxED-__A37eC3Xj3R_Qeyr9F6sT7w1LpBLUxkcCOFZTaM56k5rXeyUYBukwHG1QkbpRdqkIuP3DSs6PNcDL1F1VbA02DVlwkjUfGuyZ5OX_SRN6i3WxWuMelm4WpTq5UCoAdGR-OyqW1dCBGf56ZbONvJAEkAX7h9kRuInq91H7gazKeEBvNLSreywBxov4z6AQQQnv6mEfeY09r2mCnka5VIkrkj4QPwrPe5uSp2QNiuSY-ln-VPzPNmPJkBCi36sJ3DCNrWIyim0vY3LaV4KszvLWEgawGphgBMGVnW33xGZAk0CpFqvEQARRUxe7H4vEAgCsXkK9n8eVc89LIea3e4zHCyYgvOpvtvSouEM9xh7pdagvrbiWvHXHc3uYjATMhmEOzjm5jSdGwm9k4sMFH5DPMYAhbcj2POY6PLVy2WTK_FZqaEOcWH5EoFSq_qTGrR75rK6rrwGeRSYWlyEdlf-zg-3QjYAc6-chJeg-AOlbwGyIurG3GbiSrwjfAob0M_A7DULar3ENFMkautjqRUCGzN4zJ_wKAatq3q9-sgfjbZq8Ko990-jVpLiWFWbfJahcFzD6SVGQqTgaaBlfjWFtZWFoRTvBs02dcwIMpZnnIOfADJD0X2EeBeTMglbt8X3MS2TLOzk8GbAG5f39P52MxUPzZ1AthcrhddZQArlPMbV2OZIBsjfg7g2chuKc0JQ3T_aTgKWGzB71mS-qRKYUoF5fRuHfwXqW1hob5kNb3YmoZarCYM-zP1jWdVTp9hbr6DRmrYqsZ7CqN1cGOUhAomMHqH8vXO85wBuedjtL8pslQgwvQFKYvdH38UXljctvu_ZSlx2baL3-0hjfdA9NFKpHRFxE2-bqA4KUeDnipcIGti1VgOY7b3J5Nv8bC0x4xhxjxcdtYcTwG3f6h9fKhWe1whJS8mIcjrSVpkDuTChvYi0CABMPZSKw1z4Ptme3BIUPgtkXIi-_OHTWSYgEq3-kOcGzVrfyFz7dtY8AgO1h8am_ab2f6fBGzZhlwLbi_OHT1syEVz5QRF-gl2xyNQFrXoDv_UXenKIwHYJf1kWu_r0WLK4V8wLO-mO
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame E317 		28 B
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/HiZ8OQj6u20?autoplay=0&origin=http://example.com
X-YouTube-Client-Version
1.20210517.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtrRWp3b2tTVHAyQSjDmJmFBg%3D%3D
X-YouTube-Ad-Signals
dt=1621511236379&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C250&vis=1&wgl=true&ca_type=image&bid=ANyPxKoqtNC44g1Gzvvh66RCGY1WTkBEU7mTxsDEogF9OD3PwGBTjAtmgQ_fgK4P2-CVlOYNqXJGfCrI3zmhomYgLQbzQSFTzw

Response headers

date
Thu, 20 May 2021 11:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:18 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 3703 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/fba90263/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/PqJe0OuJSMI?autoplay=0&origin=http://example.com
X-YouTube-Client-Version
1.20210517.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtfZjNKTlB1OGxWWSjDmJmFBg%3D%3D
X-YouTube-Ad-Signals
dt=1621511236439&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C320%2C250&vis=1&wgl=true&ca_type=image&bid=ANyPxKpHtY8XB_gEgyLxw4kY797V4Z4lnLB1uDskrxLyu0EUBE6muC-Vm7keV1UBI7anLqgpnXBY3fHiLxEFPlJ0P_5lE4_AlA

Response headers

date
Thu, 20 May 2021 11:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 20 May 2021 11:47:18 GMT
p2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=510823&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&...
  • https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=510823&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=510823&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1621511240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-85.fra53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:20 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
2f4QbD155hAIoA-C2NbHnx3YLo6jymZo27k7XQoyYDPrhuSQAbzZaw==

Redirect headers

date
Thu, 20 May 2021 11:47:20 GMT
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/p2?c1=2&c2=34403499&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=510823&ns_st_ec=1&ns_st_cn=1&ns_st_ev=end&ns_st_ct=va&ns_st_cl=0&ns_st_pt=0&c3=vidoomynet&c4=&c6=&ns_ts=1621511240
content-length
280
x-amz-cf-id
Pax5dDU74wMENxsU5ivG-Kk4T8NUsCne0o2aj94iQoxa45m_wh5nfQ==
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:22 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 07B7 		0
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:22 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 4F19 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=90115829&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
bd96d4a84fc2ddc19eb33881e92f98800a2c41c30fe86a95a0fbe566ff7c32d8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:22 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1367
vpaid.js
ad.lkqd.net/vpaid/ Frame F61D 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:22 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1621511242.cds143.am5.hn,1621511242.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame C7FD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
lkqdidts=1621511242; lkqdid=2e0TeCbexw8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
content-encoding
gzip
content-length
1828
content-type
text/html
last-modified
Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges
bytes
etag
"27034f886617b8db418f17a7a29a7e50"
cache-control
public, max-age=1209600
x-hw
1621511243.cds143.am5.hn,1621511243.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=90115829&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol
H2
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:23 GMT
content-length
0
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame F61D 		115 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=90115829&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
416884c8c925364d8f7d5d0400d0a5b9863f563747a3bcd1e1442c6fe4b9dcd0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7513
cs
cs.lkqd.net/ Frame C7FD
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=2e0TeCbexw8&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame C7FD
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=2e0TeCbexw8
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=2e0TeCbexw8
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=2e0TeCbexw8
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame C7FD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
pragma
no-cache
date
Thu, 20 May 2021 11:47:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame C7FD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3PH7CN0BRstdilnK1j7LNZ8wNwY
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3PH7CN0BRstdilnK1j7LNZ8wNwY
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=3PH7CN0BRstdilnK1j7LNZ8wNwY
Date
Thu, 20 May 2021 11:47:23 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
464986.gif
idsync.rlcdn.com/ Frame C7FD
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
  • https://idsync.rlcdn.com/464986.gif?partner_uid=2e0TeCbexw8
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=2e0TeCbexw8
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
location
https://idsync.rlcdn.com/464986.gif?partner_uid=2e0TeCbexw8
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
t
t.lkqd.net/ Frame A98B 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:23 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:23 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame F61D 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACK1U7BTJkAAC0CUzkixw
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACK1U7BTJkAAC0CUzkixw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AACK1U7BTJkAAC0CUzkixw
Date
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cm
p.rfihub.com/ Frame F61D 		42 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_abece38b-0648-4662-8747-b97df839f4f7
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_abece38b-0648-4662-8747-b97df839f4f7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_abece38b-0648-4662-8747-b97df839f4f7
date
Thu, 20 May 2021 11:47:23 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
clear
content-length
0
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=YwI4ITf3R31uYGxR9VDIXJ8wNwY
43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=YwI4ITf3R31uYGxR9VDIXJ8wNwY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=YwI4ITf3R31uYGxR9VDIXJ8wNwY
Date
Thu, 20 May 2021 11:47:23 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9026173850633255870
pragma
no-cache
date
Thu, 20 May 2021 11:47:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
CookieSyncLKQD
rtb.adentifi.com/ Frame F61D 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://sync.1rx.io/usersync2/lkqd
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://x.bidswitch.net/ul_cb/sync?ssp=lkqd
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=af876d83-d96d-4a64-97ba-39b233f31be3
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=af876d83-d96d-4a64-97ba-39b233f31be3
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8e334e04-404f-4cfa-914e-598717938ba8&user_group=1&ssp=lkqd&bsw_param=af876d83-d96d-4a64-97ba-39b233f31be3
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3Daf876d83-d96d-4a64-97ba-39b233f31be3%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3Daf876d83-d96d-4a64-97ba-39b233f31be3
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
location
//cs.lkqd.net/cs?partnerId=46&partnerUserId=af876d83-d96d-4a64-97ba-39b233f31be3
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4b3077bb-e76c-4eab-a92c-ad7cd4cb34de
43 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4b3077bb-e76c-4eab-a92c-ad7cd4cb34de
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=4b3077bb-e76c-4eab-a92c-ad7cd4cb34de
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=3aa2bcd3-d11a-4e6e-b941-75cb7e9561ef&gdpr=1&gdpr_consent=
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=3aa2bcd3-d11a-4e6e-b941-75cb7e9561ef&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
server
Apache-Coyote/1.1
location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=3aa2bcd3-d11a-4e6e-b941-75cb7e9561ef&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030003_60a64c4b55307&knw=0
  • https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c4b55307
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c4b55307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030003_60a64c4b55307
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5310115102122377342
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5310115102122377342
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=5310115102122377342
date
Thu, 20 May 2021 11:47:23 GMT
server
Apache/2.4.23 (Unix)
content-length
257
content-type
text/html; charset=iso-8859-1
/
loadm.exelator.com/load/ Frame F61D
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=87f4f7de-dfe1-4fd3-9608-42885adecb9a&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/87f4f7de-dfe1-4fd3-9608-42885adecb9a/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=87f4f7de-dfe1-4fd3-9608-42885adecb9a?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=87f4f7de-dfe1-4fd3-9608-42885adecb9a&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=87f4f7de-dfe1-4fd3-9608-42885adecb9a&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=87f4f7de-dfe1-4fd3-9608-42885adecb9a&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:24 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=87f4f7de-dfe1-4fd3-9608-42885adecb9a&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMSwABKf2HtQA4
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMSwABKf2HtQA4&_test=YKZMSwABKf2HtQA4
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMSwABKf2HtQA4&_test=YKZMSwABKf2HtQA4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1621511244.647073,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMSwABKf2HtQA4&_test=YKZMSwABKf2HtQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=H8SMAv3KZ9NK&ev=1&pid=561322
43 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=H8SMAv3KZ9NK&ev=1&pid=561322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=H8SMAv3KZ9NK&ev=1&pid=561322
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-686fd4fb4c-kdlww
expires
-1
464986.gif
idsync.rlcdn.com/ Frame F61D 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=2e0TeCbexw8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
via
1.1 google
alt-svc
clear
content-length
0
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=MmUwVGVDYmV4dzg
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=MmUwVGVDYmV4dzg&google_tc=
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAIj7NNJMC2NPRyhqslGDow&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAIj7NNJMC2NPRyhqslGDow&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEAIj7NNJMC2NPRyhqslGDow&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b30&u=2e0TeCbexw8&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b30&u=2e0TeCbexw8&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290101814
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290101814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
104
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
652554792a484aaf-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290101814
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b331fba00004aaff81b7000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUser...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partn...
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553
43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1a81839a-646c-45aa-98bd-99caa0dfc787-60a64c4b-5553
alt-svc
clear
content-length
0
NXST
c.deployads.com/cs/ Frame F61D 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=2e0TeCbexw8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame F61D
Redirect Chain
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=2e0TeCbexw8&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=6e97a66d-bcc9-4c5e-a464-ad088bdf4ce7
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lkqd
event.clientgear.com/cookie/ Frame F61D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=2e0TeCbexw8&uid={ymcookie}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2437372320371259106593196541%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:6713:fa1a:2031:cf35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:23 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13385887&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C49955472437372320371259106%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1621511243215094-424
Expires
Thu, 20 May 2021 11:47:23 GMT
245558
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245558?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=1143257770&player_width=400&player_height=225&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=0&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C1900241232437372320371259106%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000532
X-SpotX-Timing-SpotMarket
0.009913
X-SpotX-Timing-Page-Mux
0.000365
X-SpotX-Timing-Page-Require
0.000347
X-fe
024
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000006
Content-Length
77
X-SpotX-Timing-Page
0.016851
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000533
Last-Modified
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009913
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.005142
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
218947
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=1910857260&player_width=400&player_height=225&media_transcoding=low&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C24373723203712591061288565757%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000895
X-SpotX-Timing-SpotMarket
0.011436
X-SpotX-Timing-Page-Mux
0.000969
X-SpotX-Timing-Page-Require
0.000400
X-fe
110
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000056
Content-Length
77
X-SpotX-Timing-Page
0.020844
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000339
Last-Modified
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.011436
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.006737
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=812037901&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewa...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA234bd9d6-b961-11eb-b62a-02474a157ceb?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-g_t4YbtE2p6hsUMG2cb9R_IsdHpXh1RgpDCh~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-g_t4YbtE2p6hsUMG2cb9R_IsdHpXh1RgpDCh~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-g_t4YbtE2p6hsUMG2cb9R_IsdHpXh1RgpDCh~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-g_t4YbtE2p6hsUMG2cb9R_IsdHpXh1RgpDCh~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
245554
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245554?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=1814724340&player_width=400&player_height=225&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=0&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8303469922437372320371259106%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000418
X-SpotX-Timing-SpotMarket
0.010191
X-SpotX-Timing-Page-Mux
0.000332
X-SpotX-Timing-Page-Require
0.000324
X-fe
125
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
Content-Length
77
X-SpotX-Timing-Page
0.018422
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000356
Last-Modified
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.010191
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.006784
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1238354047&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA23ede28a-b961-11eb-a929-0289a724f814?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=640814678&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA23f71e40-b961-11eb-9a99-02effca90522?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-lc7AufNE2p4bJETi.RiB2R4Az81RfjVHt5Ce~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lc7AufNE2p4bJETi.RiB2R4Az81RfjVHt5Ce~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lc7AufNE2p4bJETi.RiB2R4Az81RfjVHt5Ce~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-lc7AufNE2p4bJETi.RiB2R4Az81RfjVHt5Ce~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
584 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C10654032552437372320371259106,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:23 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1621511243321028-399
Expires
Thu, 20 May 2021 11:47:23 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=514978811&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA23e5ce5d-b961-11eb-b440-02b90c27b1e5?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=343681360&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=22...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA2352aa5e-b961-11eb-9277-06bffd7af2ce?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:23 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-gT67jnxE2p4x0htb3hTbwxR1cpQtBlaPDUY5~A&_origin=0&nsync=1&apid=VA23ede28a-b961-11eb-a929-0289a724f814
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
ads
loopme.me/api/vast/ 		183 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=b85846f02e&vast=2&uid=7495537660269924043&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C24373723203712591061015635840%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
ads
loopme.me/api/vast/ 		183 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=9d3d0ded64&vast=2&uid=7495537660269924043&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2437372320371259106217388962%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
vtag
vast.emxdgt.com/ 		27 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.236.141.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:23 GMT
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
27
ads
loopme.me/api/vast/ 		183 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=e050b7bfed&vast=2&uid=7495537660269924043&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C2437372320371259106364826943%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:23 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
/
x.vindicosuite.com/ 		65 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=1867647093&u=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&r=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ip=159.48.55.6&mediaduration=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
441c888ef13a4a9910313f7562f49f87db25497a8b79daf540ab15052ce5a0d0 /
Resource Hash
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:22 GMT
via
1.1 google
server
441c888ef13a4a9910313f7562f49f87db25497a8b79daf540ab15052ce5a0d0
p3p
CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-credentials
true
content-type
text/xml;charset=ISO-8859-1
alt-svc
clear
expires
Thu, 01 Dec 1994 16:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:23 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:23 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame A98B 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:24 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame A98B 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:24 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 4F19 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=17619410&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
418eb03b3d6f025ffb549949c9bd47d92336d5631cd2811fe0679d98b19db080

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1364
vpaid.js
ad.lkqd.net/vpaid/ Frame 6C35 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1621511244.cds143.am5.hn,1621511244.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame 7338 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
lkqdidts=1621511244; lkqdid=dJI9MkIgkIM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
content-encoding
gzip
content-length
1828
content-type
text/html
last-modified
Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges
bytes
etag
"27034f886617b8db418f17a7a29a7e50"
cache-control
public, max-age=1209600
x-hw
1621511244.cds143.am5.hn,1621511244.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=17619410&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol
H2
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:24 GMT
content-length
0
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
ad
v.lkqd.net/ Frame 6C35 		122 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=17619410&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2a7705fae774b398a3597f3892e30fa31aade2a04d78c58fb65d2d4922d25a1b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
7880
cs
cs.lkqd.net/ Frame 7338
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252...
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=dJI9MkIgkIM&redir=https://cs.lkqd.net/cs?partnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:24 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
NXST
c.deployads.com/cs/ Frame 7338
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=99&redirect=https%3A%2F%2Fc.deployads.com%2Fcs%2FNXST%3Fb%3D%24%24rawlkqduserid%24%24&r=if
  • https://c.deployads.com/cs/NXST?b=dJI9MkIgkIM
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=dJI9MkIgkIM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:24 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Thu, 20 May 2021 11:47:24 GMT
server
nginx
location
https://c.deployads.com/cs/NXST?b=dJI9MkIgkIM
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 7338
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
pragma
no-cache
date
Thu, 20 May 2021 11:47:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 7338
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
Date
Thu, 20 May 2021 11:47:24 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
464986.gif
idsync.rlcdn.com/ Frame 7338
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=55&redirect=https%3A%2F%2Fidsync.rlcdn.com%2F464986.gif%3Fpartner_uid%3D%24%24rawlkqduserid%24%24&r=if
  • https://idsync.rlcdn.com/464986.gif?partner_uid=dJI9MkIgkIM
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=dJI9MkIgkIM
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:24 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

date
Thu, 20 May 2021 11:47:24 GMT
server
nginx
location
https://idsync.rlcdn.com/464986.gif?partner_uid=dJI9MkIgkIM
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
t
t.lkqd.net/ Frame 52C1 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:24 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:24 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://sync.1rx.io/usersync2/lkqd
  • https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cs.lkqd.net/cs?partnerId=7&partnerUserId=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=lkqd
  • https://x.bidswitch.net/ul_cb/sync?ssp=lkqd
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=lkqd&bsw_custom_parameter=88f8fd6b-4ad7-4991-92c2-4f60f86ff418
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk1ee16558-b17c-4ccb-864b-34d4c77d6875&expires=7&user_group=5&ssp=lkqd&bsw_param=88f8fd6b-4ad7-4991-92c2-4f60f86ff418
  • https://cs.lkqd.net/cs?partnerId=12&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&redirect=%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D43%26partnerUserId%3D88f8fd6b-4ad7-4991-92c2-4f60f86ff418%26redi...
  • https://cs.lkqd.net/cs?partnerId=43&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&redirect=//cs.lkqd.net/cs?partnerId%3D46%26partnerUserId%3D88f8fd6b-4ad7-4991-92c2-4f60f86ff418
  • https://cs.lkqd.net/cs?partnerId=46&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=46&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 20 May 2021 11:47:27 GMT
server
nginx
location
//cs.lkqd.net/cs?partnerId=46&partnerUserId=88f8fd6b-4ad7-4991-92c2-4f60f86ff418
access-control-max-age
0
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=e0d6q5j&ttd_tpi=1
  • https://cs.lkqd.net/cs?partnerId=22&partnerUserId=c9ccb9af-a70f-45ff-be55-319f633672db
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=c9ccb9af-a70f-45ff-be55-319f633672db
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.lkqd.net/cs?partnerId=22&partnerUserId=c9ccb9af-a70f-45ff-be55-319f633672db
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
203
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162&s_h=1
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
server
Apache-Coyote/1.1
location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=
  • https://gu.dyntrk.com/adx/lkqd/us.php?dynk=l1k4q1d4&gdpr=&gdpr_consent=&prevuid=03030001_60a64c4d96097&knw=0
  • https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c4d96097
43 B
391 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c4d96097
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cs.lkqd.net/cs?partnerId=25&partnerUserId=03030001_60a64c4d96097
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://media.sabio.us/imp_pixel?invsrc=11&secure=1
  • https://cs.lkqd.net/cs?partnerId=39&partnerUserId=6971069978502825217
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=6971069978502825217
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=39&partnerUserId=6971069978502825217
date
Thu, 20 May 2021 11:47:25 GMT
server
Apache/2.4.23 (Unix)
content-length
257
content-type
text/html; charset=iso-8859-1
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/aUTuBPNf?redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D52%26partnerUserId%3D%24%7BUSER_ID%7D&_test=YKZMTQABKhWn4wA4
  • https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMTQABKhWn4wA4&_test=YKZMTQABKhWn4wA4
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMTQABKhWn4wA4&_test=YKZMTQABKhWn4wA4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1621511246.729703,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://cs.lkqd.net/cs?partnerId=52&partnerUserId=YKZMTQABKhWn4wA4&_test=YKZMTQABKhWn4wA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561322&ev=1&rurl=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D53%26partnerUserId%3D%25%25VGUID%25%25
  • https://cs.lkqd.net/cs?partnerId=53&partnerUserId=aelCeicc16KF&ev=1&pid=561322
43 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=aelCeicc16KF&ev=1&pid=561322
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://cs.lkqd.net/cs?partnerId=53&partnerUserId=aelCeicc16KF&ev=1&pid=561322
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-686fd4fb4c-2rw65
expires
-1
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame 6C35 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/lkq
  • https://match.prod.bidr.io/cookie-sync/lkq?_bee_ppp=1
  • https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAB9CE7BTJkAAC2MHnvtLA
43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAB9CE7BTJkAAC2MHnvtLA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=80&partnerUserId=AAB9CE7BTJkAAC2MHnvtLA
Date
Thu, 20 May 2021 11:47:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cm
p.rfihub.com/ Frame 6C35 		42 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://nxd.adhaven.com/bid-engine/cs/2e288610711ad6050acd86a3fc72a6c3/v1?rd=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D90%26partnerUserId%3D%24UID
  • https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_07fe6ccc-b0ef-4c5a-a5ff-6bda062000fb
43 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_07fe6ccc-b0ef-4c5a-a5ff-6bda062000fb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=90&partnerUserId=4c_07fe6ccc-b0ef-4c5a-a5ff-6bda062000fb
date
Thu, 20 May 2021 11:47:25 GMT
via
1.1 google
server
WildFly/10
x-powered-by
Undertow/1
alt-svc
clear
content-length
0
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=beTRRgD1TVtr2u1UOqlVgp8wNwY
Date
Thu, 20 May 2021 11:47:25 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
43 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=9170013061290539966
pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=118
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=118
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partnerUser...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&partner_url=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D97%26partn...
  • https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

date
Thu, 20 May 2021 11:47:25 GMT
via
1.1 google
server
Jetty(9.4.36.v20210114)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://cs.lkqd.net/cs?partnerId=97&partnerUserId=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553
alt-svc
clear
content-length
0
CookieSyncLKQD
rtb.adentifi.com/ Frame 6C35 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
loadm.exelator.com/load/ Frame 6C35
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sb.scorecardresearch.com/p2?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&g...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7535f873-a17b-451d-ac9b-1d46678ee5a2/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7535f873-a17b-451d-ac9b-1d46678ee5a2?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7535f873-a17b-451d-ac9b-1d46678ee5a2&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
464986.gif
idsync.rlcdn.com/ Frame 6C35 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/464986.gif?partner_uid=dJI9MkIgkIM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
via
1.1 google
alt-svc
clear
content-length
0
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&google_hm=ZEpJOU1rSWdrSU0
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm=&google_hm=ZEpJOU1rSWdrSU0&google_tc=
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFTSrzWLGW-fk3KTD3wPKtw&google_cver=1
43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFTSrzWLGW-fk3KTD3wPKtw&google_cver=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEFTSrzWLGW-fk3KTD3wPKtw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b30&u=dJI9MkIgkIM&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://s.tribalfusion.com/z/i.match?p=b30&u=dJI9MkIgkIM&redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D85%26partnerUserId%3D%24TF_USER_ID_ENC%24
  • https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290008119
43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290008119
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
58
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
652554878a3c4aaf-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://cs.lkqd.net/cs?partnerId=85&partnerUserId=18072662185290008119
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a2b3328b700004aafa63d9000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
NXST
c.deployads.com/cs/ Frame 6C35 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/NXST?b=dJI9MkIgkIM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.95.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-95-9.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs.lkqd.net/ Frame 6C35
Redirect Chain
  • https://cs.krushmedia.com/cd607442bfdf172cfcec45014a5f4ece.gif?puid=dJI9MkIgkIM&redir=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D102%26partnerUserId%3D%5BUID%5D
  • https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
43 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:25 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.lkqd.net/cs?partnerId=102&partnerUserId=3657051d-8229-43c6-ac99-6cd8e78f3f6c
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lkqd
event.clientgear.com/cookie/ Frame 6C35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=dJI9MkIgkIM&uid={ymcookie}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C671128062475847212844027210%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:6713:fa1a:2031:cf35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13385887&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C10693631226711280624758472128%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:25 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1621511245599032-382
Expires
Thu, 20 May 2021 11:47:25 GMT
245558
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245558?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=543815275&player_width=400&player_height=225&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=0&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C18515728486711280624758472128%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000406
X-SpotX-Timing-SpotMarket
0.007877
X-SpotX-Timing-Page-Mux
0.000231
X-SpotX-Timing-Page-Require
0.000361
X-fe
108
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000044
Content-Length
77
X-SpotX-Timing-Page
0.013350
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000310
Last-Modified
Thu, 20 May 2021 11:47:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.007877
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.004109
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
218947
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=1900218942&player_width=400&player_height=225&media_transcoding=low&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C6711280624758472128117697702%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000275
X-SpotX-Timing-SpotMarket
0.008856
X-SpotX-Timing-Page-Mux
0.000991
X-SpotX-Timing-Page-Require
0.000391
X-fe
120
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
Content-Length
77
X-SpotX-Timing-Page
0.013157
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000309
Last-Modified
Thu, 20 May 2021 11:47:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008856
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.002321
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2046402306&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.view...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA25189834-b961-11eb-9d64-02b2dcd60a54?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-xTdBAt9E2p7XS4CccYmizLBhNVb5vz6_JX8O~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-xTdBAt9E2p7XS4CccYmizLBhNVb5vz6_JX8O~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-xTdBAt9E2p7XS4CccYmizLBhNVb5vz6_JX8O~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:25 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-xTdBAt9E2p7XS4CccYmizLBhNVb5vz6_JX8O~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
245554
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245554?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=286008077&player_width=400&player_height=225&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=0&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C3106798216711280624758472128%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000353
X-SpotX-Timing-SpotMarket
0.008807
X-SpotX-Timing-Page-Mux
0.000365
X-SpotX-Timing-Page-Require
0.000430
X-fe
062
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
Content-Length
77
X-SpotX-Timing-Page
0.013383
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000573
Last-Modified
Thu, 20 May 2021 11:47:25 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.008807
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.002833
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000017
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=557797387&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=5...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA247d3231-b961-11eb-bd3e-06b7ef6fbdac?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:26 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:26 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=265401901&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA247e65fe-b961-11eb-8805-025d80eddc4f?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-efjj8fdE2p6fqXomf_amCbaY4v0GfW2fXr4p~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-efjj8fdE2p6fqXomf_amCbaY4v0GfW2fXr4p~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-efjj8fdE2p6fqXomf_amCbaY4v0GfW2fXr4p~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:25 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-efjj8fdE2p6fqXomf_amCbaY4v0GfW2fXr4p~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
588 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C714745456711280624758472128,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:25 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1621511245591039-402
Expires
Thu, 20 May 2021 11:47:25 GMT
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=2057969521&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA251b466c-b961-11eb-ae91-06fca2a61b2f?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:25 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA251b466c-b961-11eb-ae91-06fca2a61b2f
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=2034075904&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=2...
  • https://pr-bh.ybp.yahoo.com/sync/adtech/VA247d87c6-b961-11eb-ac12-024edf18e430?gdpr=1&gdpr_consent=&nsync=1
  • https://pixel.advertising.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1
  • https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
227 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:26 GMT
Strict-Transport-Security
max-age=31536000
Server
ATS/7.1.2.128
Age
0
Vary
Origin
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Access-Control-Allow-Origin
null
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml;charset=UTF-8
Transfer-Encoding
chunked

Redirect headers

date
Thu, 20 May 2021 11:47:26 GMT
location
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-SJ4FY5BE2p7o1Kf3L.vq0bew5kpqFe6H7RrT~A&_origin=0&nsync=1&apid=VA247d3231-b961-11eb-bd3e-06b7ef6fbdac
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
null
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
content-length
0
ads
loopme.me/api/vast/ 		183 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=9d3d0ded64&vast=2&uid=7455249556461831727&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C6711280624758472128976629820%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
vadtag.html
vpaid.pubmatic.com/ads/video/ 		995 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
a6c155333937ca4d6cfbeca26d3d9ff3f7034730496268134a118d75c26d2fd3

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
etag
"461ced-23ca-5b1869b8fc7b9"
vary
Origin, Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
611
expires
Thu, 20 May 2021 11:47:25 GMT
/
x.vindicosuite.com/ 		65 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=97667349&u=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&r=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ip=159.48.55.6&mediaduration=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
1659e8fc7ef0895bc6132befb093ff754ead1804e04afbe1e876535a9d0216d6 /
Resource Hash
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:24 GMT
via
1.1 google
server
1659e8fc7ef0895bc6132befb093ff754ead1804e04afbe1e876535a9d0216d6
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, HEAD, POST, TRACE, OPTIONS
p3p
CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-credentials
true
content-type
text/xml;charset=ISO-8859-1
alt-svc
clear
expires
Thu, 01 Dec 1994 16:00:00 GMT
ads
loopme.me/api/vast/ 		183 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=b85846f02e&vast=2&uid=7455249556461831727&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C67112806247584721281176612537%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
vtag
vast.emxdgt.com/ 		27 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.236.141.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:25 GMT
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
27
ads
loopme.me/api/vast/ 		183 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=e050b7bfed&vast=2&uid=7455249556461831727&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C6711280624758472128848033063%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 52C1 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 726E 		150 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 07:24:19 GMT
server
Apache/2.2.15 (CentOS)
etag
"1408294-257f0-5b82218515d54"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
content-length
35684
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4FAB 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

last-modified
Tue, 11 May 2021 05:24:02 GMT
etag
"13006b6-96ca-5c2071a26cca4"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13964
content-type
text/html; charset=UTF-8
cache-control
public, max-age=153686
expires
Sat, 22 May 2021 06:28:52 GMT
date
Thu, 20 May 2021 11:47:26 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 726E 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-encoding
gzip
last-modified
Tue, 11 May 2021 05:24:02 GMT
server
Apache/2.2.15 (CentOS)
etag
"13006b6-96ca-5c2071a26cca4"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=153686
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
13964
expires
Sat, 22 May 2021 06:28:52 GMT
t
t.lkqd.net/ Frame 52C1 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
PugMaster
image6.pubmatic.com/AdServer/ Frame 4FAB 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39787889&p=156498&s=399115&a=1801592&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
247769f3f2c0a9b813e71a3e51f1b607dab4997110689c7d243ea112433bf5cf

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:25 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame 5515
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=5304473255754054926; expires=Mon, 19 Jul 2021 11:47:26 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=8309037D-9209-40CB-BECA-3D8C775CA7D3
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Sun, 20 Jun 2021 11:47:26 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 5A96
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2973727836766397276
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2973727836766397276
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2973727836766397276
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8309037D-9209-40CB-BECA-3D8C775CA7D3; chkChromeAb67Sec=1; DPSync3=1621555200%3A174%7C1622678400%3A219_201_197; SyncRTB3=1622073600%3A2_223_67_15%7C1622764800%3A35%7C1622332800%3A63%7C1624060800%3A203%7C1622678400%3A220_166_88_231_204_99_189_176_21_7_22_234_71_230_54_81_56_13_161_3_8_165_55; KRTBCOOKIE_80=22987-CAESEAqQJTNK_ruxC-omp1MCGqw&KRTB&16514-CAESEAqQJTNK_ruxC-omp1MCGqw&KRTB&23025-CAESEAqQJTNK_ruxC-omp1MCGqw; PugT=1621511246; PUBMDCID=3; KRTBCOOKIE_153=19420-FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG&KRTB&22979-FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG; KRTBCOOKIE_409=22966-rd42mVgVHdTx85jvHN8kW1nj; KRTBCOOKIE_1101=23040-6964337771673680022; KRTBCOOKIE_377=6810-c9ccb9af-a70f-45ff-be55-319f633672db&KRTB&22918-c9ccb9af-a70f-45ff-be55-319f633672db&KRTB&23031-c9ccb9af-a70f-45ff-be55-319f633672db; KRTBCOOKIE_27=16735-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&KRTB&16736-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&KRTB&23019-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&KRTB&23114-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_22=14911-9170013061290539966; SPugT=1621505573; KRTBCOOKIE_57=22776-5428298658445004436; KRTBCOOKIE_218=22978-YKZMTQABKhWn4wA4&KRTB&23194-YKZMTQABKhWn4wA4&KRTB&23209-YKZMTQABKhWn4wA4&KRTB&23244-YKZMTQABKhWn4wA4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-2973727836766397276; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 11:47:26 GMT; path=/ PugT=1621511246; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 11:47:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 11:47:26 GMT; path=/
x-lat
lhrpug002:0:621
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2973727836766397276
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame DC7B 		43 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 20 May 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
954
x-powered-by
ASP.NET
date
Thu, 20 May 2021 11:47:25 GMT
content-length
43
redir
rtb-csync.smartadserver.com/ Frame D05F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCOUNFN0JUSmtBQUMyTUhudnRMQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB9CE7BTJkAAC2MHnvtLA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB9CE7BTJkAAC2MHnvtLA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Thu, 20 May 2021 11:47:26 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB9CE7BTJkAAC2MHnvtLA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 6C53
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6964337771673680022
42 B
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6964337771673680022
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6964337771673680022
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8309037D-9209-40CB-BECA-3D8C775CA7D3; chkChromeAb67Sec=1; DPSync3=1621555200%3A174%7C1622678400%3A219_201_197; SyncRTB3=1622073600%3A2_223_67_15%7C1622764800%3A35%7C1622332800%3A63%7C1624060800%3A203%7C1622678400%3A220_166_88_231_204_99_189_176_21_7_22_234_71_230_54_81_56_13_161_3_8_165_55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6964337771673680022; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 11:47:26 GMT; path=/ PugT=1621511246; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 11:47:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 11:47:26 GMT; path=/
x-lat
lhrpug004:0:385
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 20 May 2021 11:47:26 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6964337771673680022; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6964337771673680022
bridge
cm.adgrx.com/ Frame 7635 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 20 May 2021 11:47:26 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame BB7F
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8309037D-9209-40CB-BECA-3D8C775CA7D3; chkChromeAb67Sec=1; DPSync3=1621555200%3A174%7C1622678400%3A219_201_197; SyncRTB3=1622073600%3A2_223_67_15%7C1622764800%3A35%7C1622332800%3A63%7C1624060800%3A203%7C1622678400%3A220_166_88_231_204_99_189_176_21_7_22_234_71_230_54_81_56_13_161_3_8_165_55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug009:2:462
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=24d24304-7ada-40e6-8b45-3a05420aaacb; path=/; domain=csync.loopme.me; Expires=Sun, 20-Jun-2021 11:47:26 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 20 May 2021 11:47:26 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 3EDE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8309037D-9209-40CB-BECA-3D8C775CA7D3; chkChromeAb67Sec=1; DPSync3=1621555200%3A174%7C1622678400%3A219_201_197; SyncRTB3=1622073600%3A2_223_67_15%7C1622764800%3A35%7C1622332800%3A63%7C1624060800%3A203%7C1622678400%3A220_166_88_231_204_99_189_176_21_7_22_234_71_230_54_81_56_13_161_3_8_165_55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 11:47:26 GMT; path=/ PugT=1621511246; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 11:47:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 11:47:26 GMT; path=/
x-lat
lhrpug003:0:628
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 20 May 2021 11:47:26 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
Pug
image2.pubmatic.com/AdServer/ Frame 5F23
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rd42mVgVHdTx85jvHN8kW1nj
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rd42mVgVHdTx85jvHN8kW1nj
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rd42mVgVHdTx85jvHN8kW1nj
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8309037D-9209-40CB-BECA-3D8C775CA7D3; chkChromeAb67Sec=1; DPSync3=1621555200%3A174%7C1622678400%3A219_201_197; SyncRTB3=1622073600%3A2_223_67_15%7C1622764800%3A35%7C1622332800%3A63%7C1624060800%3A203%7C1622678400%3A220_166_88_231_204_99_189_176_21_7_22_234_71_230_54_81_56_13_161_3_8_165_55
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-rd42mVgVHdTx85jvHN8kW1nj; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 11:47:26 GMT; path=/ PugT=1621511246; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 19-Jun-2021 11:47:26 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 11:47:26 GMT; path=/
x-lat
lhrpug014:0:897
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 20 May 2021 11:47:26 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=rd42mVgVHdTx85jvHN8kW1nj; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=rd42mVgVHdTx85jvHN8kW1nj
strict-transport-security
max-age=0; includeSubDomains;
dpe
ad4m.at/ad/ Frame D0CD 		42 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7d3s
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0a2b3329c8000096cedea3e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
652554893fe096ce-FRA
i.match
a.tribalfusion.com/ Frame 0238 		43 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
a.tribalfusion.com
:scheme
https
:path
/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aEnrejRZdySaAIUMnYFxotmxtfb4f6UEh054qKZdiopohJCeYZb95kROdS6uJRpaC8si7ySZdD1M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aDnu7qrwZayaQXwrSQArQt7NanZdu3ukBeZc9ScuqeD9FBnY54LPQ3yAPVMTR9ZbO5ET2tNv6VyFvTexZcFF5gHcZcGIIEJbQX1xXgvCKpPUiH; path=/; domain=.tribalfusion.com; expires=Wed, 18-Aug-2021 11:47:26 GMT; SameSite=None; Secure; ANON_ID_old=aDnu7qrwZayaQXwrSQArQt7NanZdu3ukBeZc9ScuqeD9FBnY54LPQ3yAPVMTR9ZbO5ET2tNv6VyFvTexZcFF5gHcZcGIIEJbQX1xXgvCKpPUiH; path=/; domain=.tribalfusion.com; expires=Wed, 18-Aug-2021 11:47:26 GMT;
cf-cache-status
DYNAMIC
cf-request-id
0a2b3329c700004e4af0009000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6525548938244e4a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 5DB9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=swrnV0zZ635z&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=swrnV0zZ635z&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=swrnV0zZ635z&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=8309037D-9209-40CB-BECA-3D8C775CA7D3; chkChromeAb67Sec=1; DPSync3=1621555200%3A174%7C1622678400%3A219_201_197; SyncRTB3=1622073600%3A2_223_67_15%7C1622764800%3A35%7C1622332800%3A63%7C1624060800%3A203%7C1622678400%3A220_166_88_231_204_99_189_176_21_7_22_234_71_230_54_81_56_13_161_3_8_165_55; KRTBCOOKIE_80=22987-CAESEAqQJTNK_ruxC-omp1MCGqw&KRTB&16514-CAESEAqQJTNK_ruxC-omp1MCGqw&KRTB&23025-CAESEAqQJTNK_ruxC-omp1MCGqw; PugT=1621511246; PUBMDCID=3; KRTBCOOKIE_153=19420-FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG&KRTB&22979-FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG; KRTBCOOKIE_409=22966-rd42mVgVHdTx85jvHN8kW1nj; KRTBCOOKIE_1101=23040-6964337771673680022; KRTBCOOKIE_377=6810-c9ccb9af-a70f-45ff-be55-319f633672db&KRTB&22918-c9ccb9af-a70f-45ff-be55-319f633672db&KRTB&23031-c9ccb9af-a70f-45ff-be55-319f633672db; KRTBCOOKIE_27=16735-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&KRTB&16736-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&KRTB&23019-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&KRTB&23114-uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_22=14911-9170013061290539966; SPugT=1621505573
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 18-Aug-2021 11:47:26 GMT; path=/
x-lat
lhrpug011:0:374
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-686fd4fb4c-2rw65
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=swrnV0zZ635z&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
141
match.deepintent.com/usersync/ Frame 1202 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 20 May 2021 11:47:25 GMT
server
a
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4FAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gwkDfZIJQMu-yj2Md1yn0w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-encoding
gzip
last-modified
Wed, 21 Oct 2020 18:57:29 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-1f78-5b232eb4914bb"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=23152
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
2654
expires
Thu, 20 May 2021 18:13:18 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fb460a6-4c4e-4900-96a0-cd4859d85419
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fb460a6-4c4e-4900-96a0-cd4859d85419
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:12:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 20 May 2021 11:49:02 GMT
Server
MT3 3736 915c305 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=8fb460a6-4c4e-4900-96a0-cd4859d85419
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 May 2021 11:49:01 GMT
/
pixel.onaudience.com/ Frame 4FAB 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODMwOTAzN0QtOTIwOS00MENCLUJFQ0EtM0Q4Qzc3NUNBN0Qz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug017:0:659
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqQJTNK_ruxC-omp1MCGqw&google_cver=1
42 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqQJTNK_ruxC-omp1MCGqw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug018:0:384
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAqQJTNK_ruxC-omp1MCGqw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4FAB 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 19 May 2021 11:47:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&gdpr=0&gdpr_consent=
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:409
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 20 May 2021 11:49:02 GMT
Server
MT3 3736 915c305 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:f36660a6-4c4e-4100-b9c4-8caa4e22e447&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 20 May 2021 11:49:01 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2628600493596977084
42 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2628600493596977084
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2628600493596977084
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ccb9af-a70f-45ff-be55-319f633672db
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ccb9af-a70f-45ff-be55-319f633672db
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:509
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c9ccb9af-a70f-45ff-be55-319f633672db
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5428298658445004436&gdpr=0&gdpr_consent=
42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5428298658445004436&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:469
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:26 GMT
X-Proxy-Origin
159.48.55.6; 159.48.55.6; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid
1de823bc-09dd-4d17-800e-5aa3c08b147a
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5428298658445004436&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
8309037D-9209-40CB-BECA-3D8C775CA7D3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4FAB 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8309037D-9209-40CB-BECA-3D8C775CA7D3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8309037D-9209-40CB-BECA-3D8C775CA7D3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8sWJ9IZE2uXZ4YcygUdfvin2nJjPUlg-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8sWJ9IZE2uXZ4YcygUdfvin2nJjPUlg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 10:13:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 20 May 2021 11:47:26 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-8sWJ9IZE2uXZ4YcygUdfvin2nJjPUlg-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG
42 B
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=FKfJmBb0nMoPrpzMEKaFzBrxn8oP85-YQ66Rm0eG
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f334734d-b862-4a79-affe-6e0cfa72720d&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:515
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=88f8fd6b-4ad7-4991-92c2-4f60f86ff418&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9170013061290539966&gdpr=0&gdpr_consent=&us_privacy=
1 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9170013061290539966&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug001:0:410
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=9170013061290539966&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YKZMTQABKhWn4wA4&gdpr=0&gdpr_consent=
1 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YKZMTQABKhWn4wA4&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:450
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1621511246.359103,VS0,VE0
x-served-by
cache-fra19155-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YKZMTQABKhWn4wA4&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1f54240d-16a8-4c25-9d0a-400704047e7f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1f54240d-16a8-4c25-9d0a-400704047e7f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug008:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:1f54240d-16a8-4c25-9d0a-400704047e7f&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 20 May 2021 11:47:26 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 4FAB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8309037D-9209-40CB-BECA-3D8C775CA7D3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
image2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&gdpr=0&gdpr_consent=
42 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:401
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:25 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5428298658445004436
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5428298658445004436
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:262
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:26 GMT
X-Proxy-Origin
159.48.55.6; 159.48.55.6; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.146:80
AN-X-Request-Uuid
ea97dce1-b3a9-4472-8c9f-0c79df8647d7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5428298658445004436
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4FAB
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ba0267a-c1f7-4844-87fb-c989e5727dbf
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ba0267a-c1f7-4844-87fb-c989e5727dbf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:395
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ba0267a-c1f7-4844-87fb-c989e5727dbf
date
Thu, 20 May 2021 11:47:26 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 726E 		27 B
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C&us_privacy=&cb=1621511246160&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.eotimedopovo.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.eotimedopovo.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-20%2013:47:26&ranreq=0.8334442006049616&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-vdbg
1:0/165:-1
content-type
application/xml; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:26 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 52C1 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:26 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
track
aktrack.pubmatic.com/ Frame 726E 		0
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=156498&s=399115&a=1801592&ts=1621511247&wa=0&e=95&vc=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:26 GMT
content-length
0
content-type
text/html
ad
v.lkqd.net/ Frame 4F19 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=34073765&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
db3dffc85b6581baa10848e51801980b5647706245ec186913c0a1b4232194c4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
server
nginx
content-type
application/xml; charset=UTF-8
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
1363
vpaid.js
ad.lkqd.net/vpaid/ Frame A166 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
last-modified
Mon, 10 May 2021 16:09:54 GMT
etag
"18431b5d583ab7507824ab63424fc76a"
x-hw
1621511247.cds143.am5.hn,1621511247.cds300.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62012
usync.html
ad.lkqd.net/cookie-sync/ Frame FFE9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591

Request headers

:method
GET
:authority
ad.lkqd.net
:scheme
https
:path
/cookie-sync/usync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
lkqdidts=1621511244; lkqdid=dJI9MkIgkIM; sr55=1||1621511244; sr99=1||1621511244; sr7=1|OPTOUT|1621511245; sr25=1|03030001_60a64c4d96097|1621511245; sr22=1|c9ccb9af-a70f-45ff-be55-319f633672db|1621511245; sr80=1|AAB9CE7BTJkAAC2MHnvtLA|1621511245; sr39=1|6971069978502825217|1621511245; sr53=1|aelCeicc16KF|1621511245; sr90=1|4c_07fe6ccc-b0ef-4c5a-a5ff-6bda062000fb|1621511245; sr52=1|YKZMTQABKhWn4wA4|1621511245; sr94=1|9170013061290539966|1621511245; sr93=1|beTRRgD1TVtr2u1UOqlVgp8wNwY|1621511245; sr59=1|CAESEFTSrzWLGW-fk3KTD3wPKtw|1621511245; sr97=1|1441b97e-9105-40b1-be81-cffa4f2b730c-60a64c4d-5553|1621511245; sr102=1|3657051d-8229-43c6-ac99-6cd8e78f3f6c|1621511246; sr85=1|18072662185290008119|1621511246; sr12=1|88f8fd6b-4ad7-4991-92c2-4f60f86ff418|1621511246; sr43=1|88f8fd6b-4ad7-4991-92c2-4f60f86ff418|1621511247; sr46=1|88f8fd6b-4ad7-4991-92c2-4f60f86ff418|1621511247
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
content-length
1828
content-type
text/html
last-modified
Mon, 12 Apr 2021 19:06:23 GMT
accept-ranges
bytes
etag
"27034f886617b8db418f17a7a29a7e50"
cache-control
public, max-age=1209600
x-hw
1621511247.cds143.am5.hn,1621511247.cds257.am5.c
access-control-allow-origin
*
ad
v.lkqd.net/ Frame A166 		113 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=34073765&m=&rtv=1&thost=www.eotimedopovo.com.br
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d058064008a1ba33d750f6219dabd5c75294c87288e050d9933b9e08fc60601e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
server
nginx
content-type
application/json
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
6665
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=34073765&m=&rtv=1&thost=www.eotimedopovo.com.br
Protocol
H2
Server
146.20.128.54 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:27 GMT
content-length
0
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-max-age
300
cache-control
max-age=300
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
Content-Type
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-credentials
true
cm
p.rfihub.com/ Frame FFE9 		42 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:27 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame FFE9 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
cs
cs.lkqd.net/ Frame FFE9
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:27 GMT
server
Apache-Coyote/1.1
location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
CookieSyncLKQD
rtb.adentifi.com/ Frame FFE9 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
/
loadm.exelator.com/load/ Frame FFE9
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7535f873-a17b-451d-ac9b-1d46678ee5a2/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7535f873-a17b-451d-ac9b-1d46678ee5a2?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7535f873-a17b-451d-ac9b-1d46678ee5a2&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:27 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:27 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 9A05 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:27 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
cs
cs.lkqd.net/ Frame A166
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3162
  • https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.128.47 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:27 GMT
server
Apache-Coyote/1.1
location
https://cs.lkqd.net/cs?partnerId=23&partnerUserId=7535f873-a17b-451d-ac9b-1d46678ee5a2&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
/
loadm.exelator.com/load/ Frame A166
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=lkqd
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=7535f873-a17b-451d-ac9b-1d46678ee5a2&rn=TIMESTAMP&cs_xs=3315&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1266&gdpr=1&gd...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1266
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/7535f873-a17b-451d-ac9b-1d46678ee5a2/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1261%2F&gdpr=1&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=7535f873-a17b-451d-ac9b-1d46678ee5a2?redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1262&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1262
  • https://tags.bluekai.com/site/5379?id=7535f873-a17b-451d-ac9b-1d46678ee5a2&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1263&gdpr=1&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1263
  • https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:28 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:28 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=7535f873-a17b-451d-ac9b-1d46678ee5a2&j=0&ru=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1265&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
p-E357uSpKxfQzx.gif
cms.quantserve.com/pixel/ Frame A166 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/pixel/p-E357uSpKxfQzx.gif?idmatch=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
cm
p.rfihub.com/ Frame A166 		42 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.rfihub.com/cm?pub=35678&in=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:27 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
CookieSyncLKQD
rtb.adentifi.com/ Frame A166 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncLKQD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.62.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
lkqd
event.clientgear.com/cookie/ Frame A166 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://event.clientgear.com/cookie/lkqd?partner=lkqd&cookieid=dJI9MkIgkIM&uid={ymcookie}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.78.131 , United States, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C44857903375569446071962330694%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:6713:fa1a:2031:cf35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=13385887&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C7442186194485790337556944607%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:27 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1621511247684027-420
Expires
Thu, 20 May 2021 11:47:27 GMT
245558
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245558?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=477077386&player_width=400&player_height=225&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=0&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C9461405444485790337556944607%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:27 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.001759
X-SpotX-Timing-SpotMarket
0.007179
X-SpotX-Timing-Page-Mux
0.000291
X-SpotX-Timing-Page-Require
0.000409
X-fe
096
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000004
Content-Length
77
X-SpotX-Timing-Page
0.012900
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000327
Last-Modified
Thu, 20 May 2021 11:47:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.007179
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.002920
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
218947
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/218947?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=363816817&player_width=400&player_height=225&media_transcoding=low&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=&user[consent]=&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C44857903375569446071201019125%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:27 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000308
X-SpotX-Timing-SpotMarket
0.009131
X-SpotX-Timing-Page-Mux
0.001567
X-SpotX-Timing-Page-Require
0.000538
X-fe
129
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
Content-Length
77
X-SpotX-Timing-Page
0.015504
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000441
Last-Modified
Thu, 20 May 2021 11:47:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.009131
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.003502
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1487255231&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.view...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1487255231&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1487255231&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=91a2bcd4-c326-44e8-9825-78fc4b5ee87a&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwMy43Mzc3OTM6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTkxYTJiY2Q0LWMzMjYtNDRlOC05ODI1LTc4ZmM0YjVlZTg3YQ==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.55.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.eotimedopovo.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=1487255231&gdpr=&gdpr_consent=&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=91a2bcd4-c326-44e8-9825-78fc4b5ee87a&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwMy43Mzc3OTM6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTkxYTJiY2Q0LWMzMjYtNDRlOC05ODI1LTc4ZmM0YjVlZTg3YQ==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
245554
search.spotxchange.com/vast/2.0/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.0/245554?VPAID=JS&content_page_url=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&cb=179071695&player_width=400&player_height=225&ip_addr=159.48.55.6&device[ua]=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&regs[gdpr]=0&device[geo][lat]=37.751&device[geo][lon]=-97.822&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C5927143144485790337556944607%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:27 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000344
X-SpotX-Timing-SpotMarket
0.007951
X-SpotX-Timing-Page-Mux
0.000214
X-SpotX-Timing-Page-Require
0.000302
X-fe
008
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
Content-Length
77
X-SpotX-Timing-Page
0.014097
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000365
Last-Modified
Thu, 20 May 2021 11:47:27 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.007951
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
X-SpotX-Timing-Page-Misc
0.004882
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=564862145&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=5...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=564862145&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=564862145&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=76147bde-439f-40c3-812a-d1b77898bcd2&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC4zNzkxNTA6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTc2MTQ3YmRlLTQzOWYtNDBjMy04MTJhLWQxYjc3ODk4YmNkMg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.55.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 20 May 2021 11:47:28 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.eotimedopovo.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=564862145&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=76147bde-439f-40c3-812a-d1b77898bcd2&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC4zNzkxNTA6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTc2MTQ3YmRlLTQzOWYtNDBjMy04MTJhLWQxYjc3ODk4YmNkMg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=57170301&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=57170301&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=57170301&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=e06e820c-6893-4e36-88bc-d7bc0e7cc113&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOS42ODMxMDU6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPWUwNmU4MjBjLTY4OTMtNGUzNi04OGJjLWQ3YmMwZTdjYzExMw==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.55.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 20 May 2021 11:47:28 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
1
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.eotimedopovo.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=57170301&gdpr=0&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&eov=eov&hp=1&a.y_rid=e06e820c-6893-4e36-88bc-d7bc0e7cc113&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOS42ODMxMDU6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPWUwNmU4MjBjLTY4OTMtNGUzNi04OGJjLWQ3YmMwZTdjYzExMw==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_us_privacy=&_fw_gdpr=&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C16636331624485790337556944607,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-112.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 20 May 2021 11:47:27 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1621511247680035-405
Expires
Thu, 20 May 2021 11:47:27 GMT
88k_nHSg_6XSp1263gyM+iSSVC+nZNMH
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=476694999&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=...
  • https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=476694999&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=476694999&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=dab35156-9044-4cd0-8fec-27299c9f3b6b&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC45MTY1MDQ6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPWRhYjM1MTU2LTkwNDQtNGNkMC04ZmVjLTI3Mjk5YzlmM2I2Yg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.55.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.eotimedopovo.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/88k_nHSg_6XSp1263gyM+iSSVC+nZNMH?cb=476694999&gdpr=&gdpr_consent=&pet=preroll&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&eov=eov&pi.width=400&pi.height=225&pi.viewable=1&scpid=56560&hp=1&a.y_rid=dab35156-9044-4cd0-8fec-27299c9f3b6b&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC45MTY1MDQ6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPWRhYjM1MTU2LTkwNDQtNGNkMC04ZmVjLTI3Mjk5YzlmM2I2Yg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain
  • https://ads.adaptv.advertising.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1440394888&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=2...
  • https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1440394888&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&p...
249 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1440394888&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=56560&hp=1&a.y_rid=662441dc-d2c6-4a6a-84e5-f08b8576e492&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC45NjE2NzA6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTY2MjQ0MWRjLWQyYzYtNGE2YS04NGU1LWYwOGI4NTc2ZTQ5Mg==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.55.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Thu, 20 May 2021 11:47:27 GMT
content-encoding
gzip
server
ATS/7.1.2.128
Age
0
content-type
text/xml
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
192
expires
0

Redirect headers

strict-transport-security
max-age=31536000
server
adaptv/1.0
access-control-allow-origin
https://www.eotimedopovo.com.br
content-type
text/plain
location
https://ads-eu.v.ssp.yahoo.com/a/h/LyoDzRX0cOv8KcvlY2oOQnb1IeL0zelHuEXTfdKx9AY=?cb=1440394888&pageUrl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&duration=&id=&title=&url=&pi.width=400&pi.height=225&pi.viewable=1&eov=eov&scpid=56560&hp=1&a.y_rid=662441dc-d2c6-4a6a-84e5-f08b8576e492&a.is_yahoo=3&redirect_y=dHM9MTYyMTUxMTI0NzcwOC45NjE2NzA6dXVpZD0iNzUxNjM3Mzg2NjkwNjk0OTY4X19USU1FX18yMDIxLTA1LTIwKzA0JTNBNDclM0EyNSI6YXBpZD1WQTI0N2QzMjMxLWI5NjEtMTFlYi1iZDNlLTA2YjdlZjZmYmRhYzpyZXF1ZXN0X2lkPTY2MjQ0MWRjLWQyYzYtNGE2YS04NGU1LWYwOGI4NTc2ZTQ5Mg==
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
0
/
x.vindicosuite.com/ 		0
0
ads
loopme.me/api/vast/ 		183 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=9d3d0ded64&vast=2&uid=7455249556461831727&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C4485790337556944607905239597%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
ads
loopme.me/api/vast/ 		183 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=e050b7bfed&vast=2&uid=7455249556461831727&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C44857903375569446072057653205%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
vtag
vast.emxdgt.com/ 		27 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vast.emxdgt.com/vtag?tagid=97333&site.page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&maxduration=119&skip=0&site.domain=eotimedopovo.com.br&device.ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device.type=2&device.make=Google&device.model=Chrome%20-%20Windows&w=400&h=225&mimes=video%2Fmp4%2Cvideo%2Fweb%2Cvideo%2Fx-ms-wmv%2Capplication%2Fjavascript&protocols=2%2C3%2C5%2C6&placement=1&linearity=1&minduration=2&minbitrate=200&maxbitrate=10000&playbackmethod=1&maxextend=-1&boxingallowed=0&publisher.name=0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.236.141.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 20 May 2021 11:47:27 GMT
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.eotimedopovo.com.br
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
27
ads
loopme.me/api/vast/ 		183 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loopme.me/api/vast/ads?appId=b85846f02e&vast=2&uid=7455249556461831727&ip=159.48.55.6&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&lon=&lat=&dnt=0&bundleid=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&lng=es&&height=400&width=225&page=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&OMID=1&user_consent=&pubid=1092910&us_privacy=&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C44857903375569446071471210178%2C%2C&gdpr=&gdpr_consent=&gdpr_pd=&vpaid=1
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.55.3.20 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
_ /
Resource Hash
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 11:47:27 GMT
xl
s
server
_
access-control-max-age
3600
access-control-allow-methods
GET,POST
content-type
application/xml
access-control-allow-origin
https://www.eotimedopovo.com.br
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,WWW-Authenticate,Authorization
content-length
183
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:29 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 9A05 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:29 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 9A05 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.eotimedopovo.com.br
date
Thu, 20 May 2021 11:47:29 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:29 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
/
x.vindicosuite.com/ 		65 B
512 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=1524018399&u=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&r=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ip=159.48.55.6&mediaduration=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
441c888ef13a4a9910313f7562f49f87db25497a8b79daf540ab15052ce5a0d0 /
Resource Hash
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee

Request headers

Referer
https://www.eotimedopovo.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 May 2021 11:47:29 GMT
via
1.1 google
server
441c888ef13a4a9910313f7562f49f87db25497a8b79daf540ab15052ce5a0d0
p3p
CP="NOI DSP COR DEVa TAIa OUR BUS UNI NAV"
access-control-allow-origin
https://www.eotimedopovo.com.br
cache-control
no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-credentials
true
content-type
text/xml;charset=ISO-8859-1
alt-svc
clear
expires
Thu, 01 Dec 1994 16:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Server
146.20.132.202 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.eotimedopovo.com.br
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Thu, 20 May 2021 11:47:30 GMT
content-type
text/plain; charset=UTF-8
content-length
0
access-control-allow-credentials
true
access-control-expose-headers
Content-Type, Content-Disposition
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
cache-control
max-age=300
access-control-max-age
300
access-control-allow-origin
https://www.eotimedopovo.com.br
t
t.lkqd.net/ Frame 9A05 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.po.st
URL
https://s.po.st/static/v4/post-widget.js
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=64733351&m=&rtv=1&thost=www.eotimedopovo.com.br
Domain
v.lkqd.net
URL
https://v.lkqd.net/ad?pid=430&sid=1092910&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=&gdprcs=&pageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C56560%2C1%2C&c4=&c5=&c6=56560&rnd=64733351&m=&rtv=1&thost=www.eotimedopovo.com.br
Domain
pixel.onaudience.com
URL
https://pixel.onaudience.com/?partner=214&mapped=8309037D-9209-40CB-BECA-3D8C775CA7D3
Domain
x.vindicosuite.com
URL
https://x.vindicosuite.com/?l=560976&t=x&rnd=1524018399&u=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&r=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&ip=159.48.55.6&mediaduration=
Domain
t.lkqd.net
URL
https://t.lkqd.net/t

Verdicts & Comments Add Verdict or Comment

237 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| bp_thumbnail_resize object| relatedTitles number| relatedTitlesNum object| relatedUrls object| thumburl function| related_results_labels_thumbs function| removeRelatedDuplicates_thumbs function| contains_thumbs function| printRelatedLabels_thumbs object| _taboola function| $ function| jQuery function| click function| bloquear function| desbloquear function| checartecla object| denakoptag object| adsbygoogle string| GoogleAnalyticsObject function| ga function| fbAsyncInit function| $a string| image_tag object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| googletag object| dkpbjs object| TRC object| _tblConsole undefined| msg object| _comscore function| dkpbjsChunk object| _pbjsGlobals object| ggeac object| google_js_reporting_queue function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl function| udm_ object| ns_p object| COMSCORE function| showrecentpostswiththumbs number| numposts boolean| showpostthumbnails boolean| displaymore boolean| displayseparator boolean| showcommentnum boolean| showpostdate boolean| showpostsummary number| numchars number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_persistent_state_async boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _seedtagq object| google_image_requests function| eHost string| va string| vb string| vc string| vd string| ve string| vf string| vg string| vh string| vi string| vj string| vk string| vl string| vm string| vn string| vidoocustom2 function| firePixel object| lkqdSettings object| vpaidLoader function| setAttributeOnload object| gapi object| ___jsl function| showLucky function| fetchLuck function| readLucky function| feelingLucky object| WebFontConfig object| sas object| pbSimpleAds function| BLOG_attachCsiOnload function| _WidgetManager function| _WidgetInfo function| widget_module_provide function| _AdSenseView function| _BlogArchiveView function| _AttributionView function| _BlogView function| _BlogListView function| _BlogSearchView function| _ContactFormView function| _ExampleView function| _FeaturedPostView function| _FeedView function| _FollowByEmailView function| _FollowersView function| _HeaderView function| _TextView function| _HTMLView function| _ImageView function| _LabelView function| _TextListView function| _LinkListView function| _BloggerButtonView function| _NavbarView function| _PageListView function| _PollView function| _PopularPostsView function| _ProfileView function| _RecentPostsView function| _ReportAbuseView function| _SharingView function| _StatsView function| _SubscribeView function| _SW_toggleReaderList function| _SW_hideReaderList function| _TranslateView function| _WikipediaView string| __wavt function| __gjsload__ object| cookieChoices object| menu number| menuHeight object| jQuery18104588923416636217 object| hstpnetwork number| HstpnetworkRegistryLoaded boolean| google_empty_script_included object| webpackJsonp1621408247482 object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| WebFont object| help object| hgb object| userfeedback boolean| hstpchecker object| lkqd object| mobile_blocked_mfs function| lkqd_http_response object| GoogleGcLKhOms

7 Cookies

Domain/Path Name / Value
.bet365.de/ Name: Affiliates
Value: Code=365_00974178%2f98068550464&prd=Sports
.lkqd.net/ Name: lkqdidts
Value: 1621511237
.lkqd.net/ Name: lkqdid
Value: 2sAz_byaEf8
.lkqd.net/ Name: sr80
Value: 1|AACBqE7BTJkAACzldKpdXw|1621511237
.bet365.de/ Name: pstk
Value: 75B8AAC5868848C8BAF31D483D2C56BE010003
members.bet365.de/ Name: session
Value: processform=0
.lkqd.net/ Name: sr90
Value: 1|4c_20f5b36a-5fb8-45e4-aaaf-3f772a11b95e|1621511237

16 Console Messages

Source Level URL
Text
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+7+9+1+1+6&gdpr=0&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C&us_privacy=&cb=1621511246160
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.eotimedopovo.com.br%252F&screenResolution=1600x1200&kdntuid=1&vwndh=0&vwndw=0&vwndurl=https%253A%252F%252Fwww.eotimedopovo.com.br%252F&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-5-20 13:47:26&ranreq=0.8334442006049616&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:PM AdRequest Time: 0.582secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Ad Error Time: 0.584secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-info:Total Component Time since player call: 0.644secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=156498&siteId=399115&adId=1801592&vadFmt=2&vapi=2&vminl=1&vmaxl=181&vh=225&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+3+5+6+7+9+11&sec=1&gdpr=&gdpr_consent=&kadpageurl=https%3A%2F%2Fwww.eotimedopovo.com.br%2F&schain=1.0%2C1%21vidoomy.com%2C56560%2C1%2C8342771726711280624758472128%2C%2C(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
2.bp.blogspot.com
4.bp.blogspot.com
4cywq-eqnre.ads.tremorhub.com
a.sportradarserving.com
a.tribalfusion.com
a.vidoomy.com
ad.a-ads.com
ad.lkqd.net
ad.turn.com
ad4m.at
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
aktrack.pubmatic.com
apis.google.com
bh.contextweb.com
c.deployads.com
c1.adform.net
cdn.simpleads.com.br
cdn.taboola.com
clevernt.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
config.seedtag.com
connect.facebook.net
cs.krushmedia.com
cs.lkqd.net
csync.loopme.me
d.t.tailtarget.com
d.tailtarget.com
d.turn.com
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
event.clientgear.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googledrive.com
green.erne.co
gu.dyntrk.com
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
lh4.googleusercontent.com
lh6.googleusercontent.com
loadm.exelator.com
loopme.me
lp.clevernetwork.pt
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
media.sabio.us
members.bet365.de
netdna.bootstrapcdn.com
nxd.adhaven.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pool.admedo.com
pr-bh.ybp.yahoo.com
pubmatic-match.dotomi.com
resources.blogblog.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.vidoomy.com
s.po.st
s.tribalfusion.com
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
sender.clevernt.com
simage2.pubmatic.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.tidaltv.com
t.lkqd.net
tags.bluekai.com
tpc.googlesyndication.com
ui.clevernt.com
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
v3.denakop.com
vast.emxdgt.com
vid.pubmatic.com
vpaid.pubmatic.com
www.blogger.com
www.eotimedopovo.com.br
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
x.vindicosuite.com
yt3.ggpht.com
pixel.onaudience.com
s.po.st
t.lkqd.net
v.lkqd.net
x.vindicosuite.com
104.18.131.145
13.248.242.197
142.250.186.66
143.204.202.85
146.20.128.47
146.20.128.54
146.20.132.202
148.69.64.109
148.69.64.76
151.101.14.49
151.139.128.11
159.65.196.12
162.55.3.20
162.55.6.213
169.197.150.7
169.50.137.190
172.217.23.98
178.250.2.151
18.156.0.31
18.159.17.140
18.198.69.109
18.203.106.177
184.30.21.112
185.29.135.226
185.64.189.115
185.64.190.75
185.64.190.80
185.64.190.81
185.86.137.131
185.94.180.123
193.0.160.129
198.148.27.139
199.232.137.44
2.18.233.180
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
213.155.156.166
213.19.147.45
23.45.99.241
2600:1f18:612b:4216:6713:fa1a:2031:cf35
2606:4700:10::6816:4a5
2606:4700:20::681a:ad1
2606:4700:20::681a:af8
2606:4700:20::681a:b75
2606:4700::6810:a723
2606:4700::6812:acf
2606:4700::6812:bcf
2606:4700::6812:d05
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:802::200e
2a00:1450:4001:803::200a
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:809::2009
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2009
2a00:1450:4001:831::2013
2a00:1450:400c:c07::9d
2a02:fa8:8806:20::2010
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:24:b002:ebbe:4057:3491:6f67
2a0b:4d07:102::1
3.123.55.203
3.129.250.65
3.225.15.51
3.233.119.20
34.102.185.99
34.107.184.81
34.98.107.212
35.186.236.204
35.201.123.184
35.210.53.219
35.227.248.159
35.244.174.68
37.157.4.29
37.252.172.249
37.252.173.27
47.252.78.131
5.9.10.165
50.112.11.19
51.178.20.139
52.207.62.93
52.28.254.214
52.30.95.9
52.49.40.147
52.58.102.227
52.59.160.25
54.236.141.192
54.77.47.243
54.93.84.136
66.155.71.150
72.251.241.206
8.2.110.134
81.94.208.229
85.114.159.118
87.98.242.60
00535b5b597302e2749d3c2671f53ac61d0ba3b3e1a6624e6235ce18811b514b
00fc655c4fbe724eb6a21f2eec916c44ce1063336946ab80c3245837eeee4a46
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
05e695a8f4bd26c3a3092afbd08d40b873b39599d47ce15c281b1b526e934258
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
06ad8f0ae899224fe055e708d4e03b41514d6ecfa491753e44b208e6e3aaf7a3
07c0e56d3dab9ba01869922dc45a09928804d0ce6c4de08f6f2ff1c558ac8670
0938d24970f9a46f8846edf91d9a35b993b52c2c818bf075dab439563fc0f0f5
09b0a6bbfe4ca9d3cbb83b7c9131eac0e206a1ccf5677a2a2b60cb40552dd0b8
0a4aec91290b3fe4a7a6a59ca89863a6c779375ab6807790b6e0bc1550859197
0baf9ab3059e9d198b54fac80a927d5ba1ded8181f9f69ebf0f5148e6b7a8dbc
0c09a6e064d23cf9cf4a9cbbb412fdaa78af9ff0d454ece8d90edb5b6b50e889
0ca65061d816e09a31321514c704eed960f991ea794dad1ab01b51238aa8bb84
0d62cdd589152a75cfb03d4a25e56f01f6567c4191b05841f4e8a3119cb51d3c
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
12743a4d3c1792493fa6928d682e5685f80b3750199dd28aec652c4c0febdad0
134d0bccea21ff37dbabedb5ed1a167485df6a61326e818fdbf591812459b796
15921a11047f47138620aeac57d69cc2ce4e71c805fd54511f841e82ae2983ea
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
187b2130cdd7857365f314352097dd414d0bea425b98dfb3d0423d7d184d6197
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
1b95ffd8d5e131d47fa1a5ab65bca620eeef87328c413940cd60a9fbcedf4b74
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
1d253e967c986d216abdb99d19a6f4487d71d64e406b832a22361a29fb62dc55
1dad6cb9a0903898a8f82f89c0d10ee6e94f8459228530fa5df3078100c9f650
1e07ab27ebfeb07e7c503be5cd4efb35c821662bf6c1b566ed97baa2a765189c
1e0af1f2b8e2a591b08c11fc9268a9cb0e38c94434dda039f6c160ce3057aec3
1e5e013c8289698cbe69050a6bdb7de3ed90ae6d965b763dde8b8de9cd09df0c
1f58d6122bcc11fcb6dce0264db5faeb39a777f8ee43b65af9d0c903967aa126
1fab2c293e616fa6ec3df8155b42eaaafdc4d9027fdfa5d9acebb0df8d1ba068
22ca5e3dcd26fa66a4af4b4a5d47a6a3a17f4cb9abdd03707901758b28f5c1d6
22f0916640cd89ec85a9bf93dd593810eef00c292b6ce823d2d0f21c329a68e1
247769f3f2c0a9b813e71a3e51f1b607dab4997110689c7d243ea112433bf5cf
25404c8aa13246396fe1fcc7de144a5ed73ab0543a65a77df79d0d72114b6fed
285bb5af7280c83d84d442b444aa0c09b059e8ed2da1471112e1daf7753aeee4
28e7c5883213aac2724862e788fa2c79bcebc5708d2bbccc44ee0206bd54d484
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a7705fae774b398a3597f3892e30fa31aade2a04d78c58fb65d2d4922d25a1b
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d903176d4df72e36c554fe65598e07df6e8b0b920cd9e37ee91d96389a44791
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3497390085aa40385402f6a26da4fe771c8b63ab4caf5a5be0033794c181db
30eca74cde3c0649a09fdb26376f9f41ff690ee916fd1221b5a29df7b7bdf86a
32fb46e37490028d33d014af2fa2446ddbab6ecbf50318e488483b3b9aa59ad0
33594966b2582bbcde7c59c7a3385623efda6eddab33f4490304a2b564b39dc7
3450c74da5ae4511f7ad644c413d288a58004e65feec48af3f557c5529697069
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
374d8eef5fd489b376733ac0a35577a11e27e3b98b411232f5fe225efc17ef6b
38451901f3954dcc957d3b6d5fa519b9aec2c489b24b62006257dbecf18308c1
3ac13025dc609fbe2671ff553cec81ea6e640efa3413d7c8944e461b718d1782
3d21821594dc52942caea119495b6b5a4ee09cb61f9a71b439132059a07e31f1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
416884c8c925364d8f7d5d0400d0a5b9863f563747a3bcd1e1442c6fe4b9dcd0
418eb03b3d6f025ffb549949c9bd47d92336d5631cd2811fe0679d98b19db080
41b81c70a8db61d17efde93327e8ff002420b764b7e15322073e258cb499bc81
424bb50312a7bda2ea46dae4fdfa96d7da5aaf8ed4ff67f6f9dad505adafcf41
43d8848280c9ee08ea34ab6cfde5f048815bcfa9249b2eb7f1f2cf3f9effb930
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a8ae4813a8c879c93419b0c36e3c48a12df46b3a90e4f1dfa438d6058b4919f
4c05737d1cc4b6e27ededf08c7f05146e3d93f92284dab7d962d2d9c03500061
4c42d25b217d0238ad491d1174be0b4e0ee1305e71185e817c0d4ec11a18685d
4d097a0116293da844fdeeaa11f41dd941e511e6df699ff2195e8499de8a42fd
4d30678d5e72b36305bab11a7d8d24d3fe23d7714031dd57c8d88c77b7ab9803
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
51b3c9d9127d7428daf3ca21e9144df48a301a63b5f71c64814bb2a1889926ec
51ec8a9af07a659ee548048f63d5a8124be94c229f42c9c689c625229b52da06
5367b985d0e7260be2ad1a7dcf0578da95c507ba93b57f0facb134374fd4da4f
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54665451fd7f53c941c588a0f92dc24d2aa8642afe8cf0ead5bdae54f6cfb95e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ac31540d0cc04994470e45f7f167649c2de8874d42ae215ec5bfc9a9fa64f3
5555ec1375f73bdb2d5df071a8dfb3d54d5f5081b10a5ac573e53fede97aea49
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
580a1f41879a53e50cce789d9d9a00d031e95092e309fa6fd515bac787ac3dc3
58295361eb6d75ef292f1dc204a3f8be1f4a90bb186cd741db7773bc0a9856a2
5d2c6fd64b5e06203af55f4c7b0c35b98229a12158e60e3782c453f2e6ca6f3a
5f814e8fa453efc6c00d80a117bc0a62e9d59e1f4672931ffcd93662a5aae9be
5f91da25c24e6fb0fc2f6b18964b6bb696253b1d13fa9fa32ca8d27f60ec9fee
6356dab2c76e9e8b9b9fe33f36effc4b58d2268854e1f4d2609204c4752a765a
63e0d92c004d0b69862e33a9be0e74836872de8844f372fd1c401b80527045fa
63f01adeb450e4b95d0cf41a7bbbffe8f2d89e74b96d3cd962e1a73faa4c0cbf
6478f543c220b0ae26c3536bed75fb9d7beaa9e234618e42ad3eaee5580ad9da
656178f80f84a0d02f39eb8389c3a4fed4368b97f4fce6e99d05d856c9e89ff9
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
662c2c97092391ae013657013ee4e9e1ae67db8d008735ea5e03ae20fecd07ba
66692834201188242d64623d532248275efe2ba80101490c96bdce4160b78188
673428a5cfedba07da4750246d430dcf68958ddfe52e2f9528a797be23a67587
67b918f6a6f9afac9d50a4d5b5cac435f0ea4dffc2ed56c25555f198b60eefa8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67fbea157a5a4b567c7f5c5d3d7e49898b24886ef7918dab2a6cc43a301a4575
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69d5bc71bfcac17012ba397dfded0ecfdc21ceeb32d4186291e4cb43b8e4351b
6aa6360b39fe982bd5f7cdf9bd09d2ea596614697679c98ad347111aab2b38dc
6ac5dc61ad3c547afd1e7eb3594daecd75ab2eda5e53a15c5fb52bb2c60ddd13
6b36889bd724c683ff092fa2b909a8752a9d505004410d3e404a308f2873b51e
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6de22e7410801e46a717cbc8e490111cf960a8a979a626eb374a5a87eefe7f7a
7119729c08a3599e1a213fdbd7ca42c51fcb6ee585794c934913037aabced2ae
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
736b0ba18837307ec23656f5bf10b797ed1adb034d6c28edc3e6183aeaf3727a
769f2d03ab40735029ce1999b9e4cecd25c7b761e720abebd1e9eebe67e933fe
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a05de7c3de0c9029a963830574fff9cc4a44e93f985d2f1aa2e680f211220af
7b38cd9405b29e24d3af2065e6770329f1cb345fe2f368698f68c31a95d48b1a
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7e16ea7c8a0aa74f90c2e41bd4e47b0ca2605022c84f6c0c0245e461774a994b
7e72826a8e96483432e7b075dd5f3280559ef6ba34b824b78c7446f590be3192
7ff87a9640536c9a8e2264a26090b2822f84c20808c0d974680928484d406ea1
801ffc320183425aad8f1d94a5b76c6cadb00703f12ccd83dd997cd941c520cd
80355a308910ef9d461fbf61a0076f7efa3a287a32249f3839628d3e1ebf56b8
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84dc67a69f8be0b3c0613864e267001711f3de5d47e3fad8d24411d51025ed0f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8686abb6033571fa720501e82074d0f55db1eb166e601a045a7d99ce0b27a821
86da39d609467204bb0df4a7a85394cf09c82d9443cdfbf91b88932a8e1cbbf6
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8875aeef737c004d6176c0c8f4ac2e11a5bead37ff39e52dc6c4c7c848f41439
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8f119dba685412744632c6a30361b35c8b9607cab6a6aa0c59fceb0b3f99b740
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
93ea87740a629b311148b644cb72d376ef82344939bc4d47acff4aa0719ad668
946b2d12e21fc05feee3677deb90a314dfea1899c8a9faa5fe60859e1807c777
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
986007c6e5ee35ac075b04c5eb0a766f9d5d744acb8f9e55122fd5aec690d94c
988a093acd61c060745afd46252dbf4dbced9adffeda3f27a0eaaeb397a163dc
9a32f0ac0146b1df81326bb8d809d7a9c54656df71a950cec47d85aea6b61981
9b740fc33c320c32f37ac69c8a49e3c8822ce660678814520069a3e7923c00e3
9c513eec67ecc7220fb8aeed063c869a5baa885f86ab1110f287c901c340e49a
9d94dd33376cb72c46adf34ec182798c1c0374cd6547f891bbe7b0b1316190e0
9eb8abd21cd55dccbf594f924fc021a47ad55572e0f621d5cb3fd587e9f668f8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1b6b15645987e1fdcbb99f4bc155dd682c0a9c21d54535b105d0301061274b7
a1d3d178d986f78b59afeb8852053739a3aeb2da593ee37958949b071196be77
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a537d2bafd46996b3ca23da217a06e2c4dd9ac0c5f6d8b8010b0820df53890b3
a561596c61c00e1177647bf16d9c3657311e60304cc4f13bae903c9e806e4c75
a6c155333937ca4d6cfbeca26d3d9ff3f7034730496268134a118d75c26d2fd3
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a8000d9e41e0673d3faa1c4a06d107ab3ca75557a15e55ef70eee79edfa5b55d
a92a9cd54fd072269ace6f56208502fac2fa2ceea167a09cd539f628b789d02c
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab227ebdf30bbd3a5675a22cd849325c19c009cb3d5c821495440126697530bd
ac42fb5f97fc83828338609d785d23b7a9ad79ede0128f9be8f8bc373e6cb232
add3c3293a54e99376009fc1786f0c6bf83615d25637f7f2b98f944f5972a5b0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0b953fbbad22fc9d75012b31fb90ccb28c9dc583afdf89e6969d8737bc9175
af50123da38c80e4e0737f8316c4bcd4d68e0cbd2530f1e6fbbce7d4f78c32ea
b0d666dfc4416a7841e781a81cadb22a7937539a64f2a14432453b536bc213ad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b501f167531ccff291237798a31b3d54862273b5d153affa5b80fdf9e8f83211
b5de679f41d5e07318bf721f4877d6320d3e351d6cfd58a00471854e2503d48c
b5ed0ea5ae2d150352120293b163c96db03e32d02f657a587ad7136724dd2a7f
b6458a29ee3ece5dfe1f568c9fbc935bd85c076510162ef82f79a1c76cf456eb
bd96d4a84fc2ddc19eb33881e92f98800a2c41c30fe86a95a0fbe566ff7c32d8
c0e2b85534746678d84586f3fcd8f214510990b44658d79e23c786b216f68ce9
c11b8dcfa4c928d4389ea15e6aaee31f46fa6c23745f66f0afdd7213b2f59eea
c16739b2471c717348631363c3a7fe6a49c381d846696168e6945a0f96781df4
c20f4e658ca4e7fae8204a198a8c770d19b8eb3e13cca4ddab9769f108173f88
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdbb929d9ca1e2ce7b2b4227a6e752b820a215a1e4a7e6bc56f943887210e2d7
cdd4eeeca2a2640b2fa20c90046b01f0ba18a28ccfece7037085297ff2e08daf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02db114f4715fed03653bb222f980b53b4ac200bc8586973fa80c465a4f812f
d058064008a1ba33d750f6219dabd5c75294c87288e050d9933b9e08fc60601e
d0f905875d084d23746c5d70106f64990d22fd7bcaf9e967c3ec57b95e18b954
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
d1e591b3dbf6a3062e13ac83cbcf2eb65821ef63b5c838241e60596fbfe11e32
d209ba59e4e7d29c1caca29059a29ac386feea796d23c1211331f8204f077276
d2d95cc0fd079280d10acc99338c3373ba61ccade60d59cd7a1b6ac7bc25a76e
d596666f7b9a5d90f9cb1e19cf50b7609e82e5e7aa24e662a835cb6f5b160f31
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d87022effcf025352d5bd7c7de2d267422ccd35e6a83276dcb0d0f31e610f514
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
db0c9785208fdea5b092fda05366e44b3d9d76d6137de8dd5d1e29bfcac55ad6
db3dffc85b6581baa10848e51801980b5647706245ec186913c0a1b4232194c4
dbe61ec8a3efdcd039ec02f99bf9a0a66e1c2ef4831a8e45d12cb4c736709a8d
dc22f6861c419b751b500e95107c786cbf5cb2bfffd160707cb269fe4c22521d
ddb17b35aa0a1e43ca7fe01c87acdeba4a316699d65d87e5f9a08fe0bae69fc3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def6ab8798ab5146c8aa3a2329aa19a8b1246f1248173c11a58538ce0054c5fa
df7364a2023a3a39a1a85b0d626a358be73a6b0d4fe3267df12d560ada39d12d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563dbcbc7c21b60675a5e8c70be5f359867cbc648b39ab952740244b23dae1b
e581acc738cba51dead610202c58d80a9ab824bbda760b8764d82d0cd5949015
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e7033fd5df92bff5392cd7166aa9e02fbeb56cfdace1aef20f8ba4a04d5665bf
e751e48f4e7ea27901a50cce0a3e5b695ede7cab50058c4cc51c4a7435d02b7d
e7cd7469392be9dbe1eaeeab2225a4a50ee88909239b51e870a3f79d42e4e685
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef50960ff4008e29ce90d5fbf828aafc92f1df70f59fb672fa3884fdd2017a5f
f0275273984e78ca6824c6944f8d8bebcb3d7e441fbab8ee380508c3991ef347
f1b84287f024bbd570be1f1bc70c321931025ffacde7b25210dcc1ccc0575591
f4f2d342a59cde989b1a0f70604169cc17169011d6c9fc5a02e87920b0629f31
f51c09f7389cdc5cfdbd249cc66f95f51480041e42da46e5adf088e7bea9a686
f7d30cf07998d5d7873869f69199d740f49e01fb0e1a1cf1976c7809913b3a1a
fa45f092c064a83a00c0f0de65558123699296d8e7c051968357a8a16fa9fb53
fb150bc6490c6ce800e6320e8ca958dd709e038a66aee125f2a768cca1d24436
fc184f96dd18794e204c41075a00923be7e8e568744231d74f2fdf8921f78d29