portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3031::681c:1cef Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Submission: On December 02 via api (December 2nd 2020, 3:38:08 pm UTC) from BR

Summary HTTP 157 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 29 domains to perform 157 HTTP transactions. The main IP is 2606:4700:3031::681c:1cef, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalmanaus24h.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2020. Valid for: a year.

This is the only time portalmanaus24h.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3031::681c:1cef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 27	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
13	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
11	199.187.193.140 199.187.193.140	47043 (SMARTADSE...) (SMARTADSERVER)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
14	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2 4	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	54.171.98.69 54.171.98.69	16509 (AMAZON-02) (AMAZON-02)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.216.61 104.19.216.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.28.88.30 52.28.88.30	16509 (AMAZON-02) (AMAZON-02)
1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700:303... 2606:4700:3033::ac43:9ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.200.58 104.16.200.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2.19.34.195 2.19.34.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
3	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
2	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
3	157.245.136.40 157.245.136.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2606:4700:303... 2606:4700:3030::6812:3ff4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
157	30

16 2606:4700:3031::681c:1cef (United States)

ASN13335 (CLOUDFLARENET, US)

portalmanaus24h.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

cdn.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.19.136.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 199.187.193.140 (Canada)

ASN47043 (SMARTADSERVER, CA)

ads.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.212.16 (Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.98.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-98-69.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.88.30 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-88-30.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba29 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

creatives.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::ac43:9ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

d.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.200.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.19.34.195 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-19-34-195.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6917555d30d5e345f3bb0e98b837f77d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b053f1d77208c5497fe1e9c9ae869bb2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b8a3fa1f88cd0b45b8787eeb312feda2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.136.40 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

delivery.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3030::6812:3ff4 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

lqdads-7405.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 6917555d30d5e345f3bb0e98b837f77d.safeframe.googlesyndication.com b053f1d77208c5497fe1e9c9ae869bb2.safeframe.googlesyndication.com b8a3fa1f88cd0b45b8787eeb312feda2.safeframe.googlesyndication.com	180 KB
18	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	352 KB
16	portalmanaus24h.com.br portalmanaus24h.com.br	430 KB
14	gstatic.com fonts.gstatic.com	144 KB
13	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	115 KB
12	liquidadserver.com.br d.liquidadserver.com.br delivery.liquidadserver.com.br tracker.liquidadserver.com.br	172 KB
12	simpleads.com.br cdn.simpleads.com.br ads.simpleads.com.br	32 KB
9	scorecardresearch.com sb.scorecardresearch.com	6 KB
5	googletagservices.com www.googletagservices.com	140 KB
4	sascdn.com creatives.sascdn.com ced-ns.sascdn.com	14 KB
4	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	572 B
4	google.com adservice.google.com	554 B
3	kxcdn.com lqdads-7405.kxcdn.com	2 KB
3	google.fr adservice.google.fr	427 B
3	ip-api.com pro.ip-api.com	1 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	glotgrx.com pre.glotgrx.com	560 B
2	yabidos.com pixel.yabidos.com	25 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
2	facebook.net connect.facebook.net	61 KB
1	contextweb.com bh.contextweb.com	406 B
1	bidswitch.net 1 redirects x.bidswitch.net	216 B
1	lentainform.com cm.lentainform.com	288 B
1	idealmedia.io cm.idealmedia.io	285 B
1	adsrvr.org 1 redirects match.adsrvr.org	474 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	269 B
1	cloudflare.com ajax.cloudflare.com	4 KB
157	29

	Domain	Requested by
16	portalmanaus24h.com.br	portalmanaus24h.com.br ajax.cloudflare.com
14	fonts.gstatic.com	fonts.googleapis.com
13	securepubads.g.doubleclick.net	creatives.sascdn.com securepubads.g.doubleclick.net portalmanaus24h.com.br
11	ads.simpleads.com.br	cdn.simpleads.com.br ads.simpleads.com.br
10	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
9	sb.scorecardresearch.com	portalmanaus24h.com.br creatives.sascdn.com
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
6	tracker.liquidadserver.com.br	d.liquidadserver.com.br portalmanaus24h.com.br
5	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	s-img.mgid.com
4	cm.mgid.com	jsc.mgid.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	lqdads-7405.kxcdn.com	d.liquidadserver.com.br
3	delivery.liquidadserver.com.br	d.liquidadserver.com.br
3	adservice.google.fr	securepubads.g.doubleclick.net
3	pro.ip-api.com	d.liquidadserver.com.br
3	d.liquidadserver.com.br	ads.simpleads.com.br
3	creatives.sascdn.com	ads.simpleads.com.br
3	fonts.googleapis.com	portalmanaus24h.com.br
2	pre.glotgrx.com
2	pixel.yabidos.com	ads.simpleads.com.br pixel.yabidos.com
2	eus.rubiconproject.com	cm.mgid.com ads.simpleads.com.br
2	secure-assets.rubiconproject.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.mgid.com	jsc.mgid.com
2	www.googletagmanager.com	ajax.cloudflare.com cdn.simpleads.com.br
2	connect.facebook.net	ajax.cloudflare.com connect.facebook.net
1	c.mgid.com
1	b8a3fa1f88cd0b45b8787eeb312feda2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	b053f1d77208c5497fe1e9c9ae869bb2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	6917555d30d5e345f3bb0e98b837f77d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ced-ns.sascdn.com
1	bh.contextweb.com
1	x.bidswitch.net	1 redirects
1	cm.lentainform.com
1	cm.g.doubleclick.net	1 redirects
1	cm.idealmedia.io
1	match.adsrvr.org	1 redirects
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	servicer.mgid.com	jsc.mgid.com
1	jsc.mgid.com	ajax.cloudflare.com
1	cdn.simpleads.com.br	ajax.cloudflare.com
1	ajax.cloudflare.com	portalmanaus24h.com.br
157	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
widgets.mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
cdn.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-04-27` - `2022-07-26`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
ads.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2019-02-08` - `2021-02-07`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-05` - `2021-11-04`	2 years	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
*.google.fr GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
delivery.liquidadserver.com.br Let's Encrypt Authority X3	`2020-09-12` - `2020-12-11`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh

This page contains 20 frames:

Primary Page: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Frame ID: B5D94E5F0873DEBCCECD9B9EFCCC17E4
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: D2BCF7B21B79912A02B0765C79C4A984
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606923472&psa=1&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471808&bpp=16&bdt=2636&idt=165&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&correlator=7458064389988&frm=20&pv=2&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=197296304&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1426&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WrDrH8Xddb&p=https%3A//portalmanaus24h.com.br&dtd=209
Frame ID: D24533EEDBCF58DBF8988074DECEC9C6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=280&adk=38579086&adf=1283080809&pi=t.aa~a.1117277066~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1606923472&rafmt=1&to=qs&pwprc=6305729440&psa=1&format=1200x280&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471829&bpp=3&bdt=2657&idt=208&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&prev_fmts=728x90&correlator=7458064389988&frm=20&pv=1&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=34557034672&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jhHKZJ66e8&p=https%3A//portalmanaus24h.com.br&dtd=215
Frame ID: 3DC7D7524FC491B8C30CF1ED52A6E270
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606923472&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471829&bpp=3&bdt=2656&idt=252&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&prev_fmts=728x90%2C1200x280&nras=1&correlator=7458064389988&frm=20&pv=1&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=138228138690&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=265
Frame ID: E902924C9DBE826D96FAAC6D481B453F
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1606923472113171304133
Frame ID: 2886CC5095CAE0CD3D964796D3F82B71
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C1A9E81DD1B625BE9AAD40DA9AEBAB1F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: E2C5AD6919BFA399B3D1771FF55AD7D4
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: 493930EAB33C9C48ED28216EA657BB0F
Requests: 1 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: A112A333E2FB8951EB294697AC7D3A1B
Requests: 6 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: 8A1D9B94011EB1E49B4DA2E34F3B694C
Requests: 6 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: 8E35FA697DB1E915CE539A4BCDE389BF
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0A7FC799BB32D33681BE81C3F106F165
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 996C0B262F6A49D5D5F02652057BD4A0
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 9AC2BE87696C741E8D69AEEC634E5EF6
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUaE-vgllBUB42JMnCLiUxoRWFbCiv2Vt_S7L8nRnQScvZ4Kp2cfEYWkjoMhXzFlDWZXNTw5ovrtLeUlrgSdnjnEvjPDjtSwRS7pXOlEyf5Off3Pt7H2l9mIRDIb7hWmfDaDjba06GJom0Cvjyep2EvCIUa56DKJ73pu5XAMfVfM30kGH8kp1lDOUDLL77_AOnPKRGs0SQmlGOzLJjq73y-pOPcnruxmvCO4ezE0AAEXW-Zleu9ZOFPZaigmpXsOj3kv1x5qWAIbSkIrJneYd-z-XZfgUq_igYaA9Q58vOutXiZwSZfJiCKZoWlGNh-V4fmSI&sig=Cg0ArKJSzJ7c-2DhylPtEAE&urlfix=1&adurl=
Frame ID: 676078B189D8984229E64B11EA3C8468
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgcBmMwRZHdttjyW1Lu5MCD-bo2voDohj7MckR-4KInBXlvOkmGbrUnbdjMGmoM9gMPdFknmEKGgdDre4r-KP9jyVCZfNcoiHqPW5RmlyXOagaHUEyvtFaSs9P8t5Pr6U8rQ0XVeJ8-3eE_IjIM3lGazWQFMTRYqjofPp0SyDXfrm8VW7W0y-nBDSsHaOtaqnQDgafshi6VM9-KAt7RkPVHJDUMuDaGpXKmvZi89b99WQimwWV3SKP8lnWfrJZ8TLHj0EpIsPai8R_rUg4-r-yQn24GrafILMOyjhypf4&sig=Cg0ArKJSzC7MPiMw_XvGEAE&urlfix=1&adurl=
Frame ID: E242BAC641882E212CEA29E61FD98974
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C0E5ED9A2ED97171B7AE9E8D3CFB1EC8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 7EE2E5E8A8D5F1B5A0FE87A7D118FCAE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 1C275200AC83404A5EB1F4792C89D84D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

157
Requests

100 %
HTTPS

55 %
IPv6

29
Domains

45
Subdomains

30
IPs

7
Countries

1769 kB
Transfer

5221 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portalmanaus24h
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalmanaus24h/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCw6yPx7ZXiDwdb1aVejW93A?view_as=subscriber
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=portalmanaus24h.com.br&utm_medium=referral&utm_campaign=widgets&utm_content=1037079

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/5523139/i/57371692/0/pp/1/1?h=rudB3lDmAbcn3sc1MvtU3H8vHJ7iiG0B-alCPuORMvw4JjtG6aft9CZSIsgB2FK_&rid=56c5fecd-34b4-11eb-a85d-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11&muid=kb2LN5KYAgB7

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3944304/i/57371692/0/pp/2/1?h=rudB3lDmAbcn3sc1MvtU3LIMJ5uTVz5C-XRiTfFhLXR5Wid6JHNgcrU8cG5EoiKg&rid=56c5fecd-34b4-11eb-a85d-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11&muid=kb2LN5KYAgB7

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805489/i/57371692/0/pp/3/1?h=rudB3lDmAbcn3sc1MvtU3O3pS0ev-VWxO8dIC-ZHptRPLqKTYDzqFMB3bDWdk13L&rid=56c5fecd-34b4-11eb-a85d-d094662c24f7&tt=Direct&cpm=1&gbpp=1&iv=11&muid=kb2LN5KYAgB7

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3866389/i/57371692/0/pp/4/1?h=rudB3lDmAbcn3sc1MvtU3GOhXS9WWJios-nIdaJuFT-FlImJ4x2pFCOVxUDygI8B&rid=56c5fecd-34b4-11eb-a85d-d094662c24f7&tt=Direct&cpm=1&iv=11&muid=kb2LN5KYAgB7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 68

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=ed5d227b-b953-4394-846a-520b6fb966a9&ttl=1609515472

Request Chain 70

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IyTDZGQ1Z0RkI3&muidn=kb2L6FCVtFB7 HTTP 302
https://cm.mgid.com/google?muidn=kb2L6FCVtFB7&google_ula={guid},5&google_gid=CAESEG4ldnnrN5n6DNJBKmsQdtg&google_cver=1

Request Chain 72

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb2L6FCVtFB7 HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ab790b0f-0cfc-460c-82a0-eea33c1cee8f

Request Chain 82

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

157 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request acesso.php Show response
portalmanaus24h.com.br/TG88IMVETCSA/ 56 KB
9 KB 1304ms
1304ms Document
text/html 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: 6be5a031e2a8c35b1f76f30139d9cd5b3cd3f3d78adc8521fecd336f44df5b2b

Request headers

:method: GET
:authority: portalmanaus24h.com.br
:scheme: https
:path: /TG88IMVETCSA/acesso.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0f43b267ea5b875e293435476cc8bf321606923467; expires=Fri, 01-Jan-21 15:37:47 GMT; path=/; domain=.portalmanaus24h.com.br; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 06c5b3545b000005bfaaa8b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pkvZw50w5Jg0giTcgj0q0Gqff2hOTl04%2FVOieZtehW6Nn%2BG1dC1XnSSvYqIAeTFU6At0SEHB378boXNqmD5%2Fzp20irTVPV3Dfpz11nEiLlZ7GZTJ1CiDyzjRbsN0owtbqNFt"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fb6219a2f2505bf-FRA
content-encoding: br

GET
H2 200 2a454.css
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 1 MB
106 KB 2245ms
2244ms Stylesheet
text/css 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/2a454.css?c20a0
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53bbf52c8b5b0fa61fc6c1ef85aa01a2b68be0fdce8c963d273ce394f596b926

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06c5b3597c000005bf60239000000001
last-modified: Wed, 02 Dec 2020 15:25:36 GMT
server: cloudflare
etag: W/"108029-5fc7b1f0-c285d9a00768c120;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mVK%2FD8nzWN%2BBc0D57R2YHCMOo8MMKxEnvIO9QV9HeFThgwTs7cw0g4yHvvwLSJeS1fMjJBja8xA9oOUYjsVDwkG9p7RhXfjxlKWEKj%2FBSTqeLTOodpkmNiOD1ZDa11Og9%2BoF"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb621a25b1f05bf-FRA
expires: Thu, 02 Dec 2021 21:37:50 GMT

GET
H2 200 logo-portal-200-x-50.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 7 KB
7 KB 15ms
14ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/logo-portal-200-x-50.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 129751
content-length: 6865
cf-request-id: 06c5b3597d000005bf5c01e000000001
last-modified: Wed, 04 Nov 2020 16:12:10 GMT
server: cloudflare
etag: "1ad1-5fa2d2da-c463a7f6523411b4;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UAhC%2BIB3pCakp035tWFAWew1wvFYGtkzQaognaRSG27dirghU%2FdGp8b%2Fv2FKVsxykVMtTTk8lICMnP09v15u6OYe%2Fd6cVDKYeBgoZSSN36YbMNvi%2BsfdS%2F2cxqZVezyBR6op"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621a26b2705bf-FRA
expires: Wed, 01 Dec 2021 09:35:18 GMT

GET
H2 200 email-decode.min.js Show response
portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06c5b3597d000005bf891e3000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h9hEOvChwfbVNqQRLfEmwioxCehb%2F5CcLA5%2F%2FbPRAoYWI9eBXCZNN00CIezKUxVLZ9ZcVfmgHRsIdXlmnPB66MgCzhcDg63KC7UKn4kCTX3GCJe%2BM8D8ud%2Fhz4NqftG9wThr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fb621a26b2805bf-FRA
expires: Fri, 04 Dec 2020 15:37:49 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 06c5b359810000c2b812353000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Iej8Yqb3FLa6lZNXzH7SB4WVhfkavotMHFZtLiyYXKiuN%2Fh3WpxLDrAR0IzkIASk5578HXaZYM2ewRQiuFOVmFdltPq1tNWz25NH567dLeVUY0bA6SFqFSVRV7bELbuJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fb621a25ea6c2b8-FRA
expires: Fri, 04 Dec 2020 15:37:49 GMT

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0b1c9.js Show response
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 315 KB
69 KB 23ms
21ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/0b1c9.js?28cd2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b814a0e6838c13703ff30b18c890ed768ccd67432553ff953d83b3d589db73

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32766
cf-polished: origSize=322212
cf-bgj: minify
cf-request-id: 06c5b36267000005bf6035f000000001
last-modified: Wed, 02 Dec 2020 04:39:08 GMT
server: cloudflare
etag: W/"4eaa4-5fc71a6c-57061f13d7c68fad;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ze8nMKRngUZlR%2BgX6ekLZKzRzgLPYNuCNqJaBw4h8WAUVVSaIx6H1lPMSsDAU%2FULjfkACKZeSK2UsYYJpeub9xAWzw0gXt7xbkFtonOLXlXsVvHmoXrDCvKkTIoYyc%2BXg99T"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb621b0ae3105bf-FRA
expires: Thu, 02 Dec 2021 12:31:45 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 129 KB
44 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b18ad37f9a3ede082154d3a0f80e096ac44f72407b07c2530a9cbe20b52d0253

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45265
x-xss-protection: 0
server: cafe
etag: 4631651015791465471
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 15:37:51 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

21906f4f635a0b8968a9087c803b2714e7ed2ed818ce61276b4fab8da3f1b82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iORQn1/O2PG0omfDfvmNQA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
etag: "30ecbacb6c19b5aaeb8b47c3bf665bd9"
x-fb-debug: RQ8N8GNTUfS5rrYvvixEnIIppXoQp5uITb74jqzsK4Tl6wLC9UYRgIqreEvamUeTgAkOeurIh7RZzZ9tEahuVA==
x-fb-trip-id: 664085054
x-fb-content-md5: fa776745e663dccec0c767d6207e6f49
x-frame-options: DENY
date: Wed, 02 Dec 2020 15:37:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 15:51:18 GMT

GET
H2 200 show.js Show response
cdn.simpleads.com.br/v2/s321679/p1144737/ 3 KB
2 KB 8ms
5ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine / PHP/5.6.29

Resource Hash

6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edge-location: defr
x-powered-by: PHP/5.6.29
x-cache: HIT
content-length: 1487
x-shield: active
server: keycdn-engine
etag: "16588bd9df4256d00eaf8c21f90747f4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
link: <http://tag.simpleads.com.br/v2/s321679/p1144737/show.js>; rel="canonical"
expires: Wed, 02 Dec 2020 16:37:51 GMT

GET
H2 200 portalmanaus24h.com.br.1037079.js Show response
jsc.mgid.com/p/o/ 208 KB
55 KB 32ms
30ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: HIT
age: 118
cf-polished: origSize=213131
last-modified: Mon, 23 Nov 2020 11:07:38 GMT
x-amz-request-id: 822C6FC023BCA5DC
x-amz-id-2: aeifAkBBSAGB6x9QljYGCAWJrwrkIvEhynMQnAUZgPPtUauXNPnKeZJG3PZ5/SO9aJKfxVjJ940=
cf-bgj: minify
server: cloudflare
etag: W/"d4ce96bfbfcd049163f9b45f5000cad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 06c5b3626c000032c2ca3a8000000001
cf-ray: 5fb621b0ac6432c2-CDG
expires: Wed, 02 Dec 2020 18:37:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38695
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Dec 2020 15:37:51 GMT

GET
H2 200 jquery.js Show response
portalmanaus24h.com.br/wp-includes/js/jquery/ 95 KB
32 KB 17ms
16ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-includes/js/jquery/jquery.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 282070
cf-polished: origSize=96873
cf-bgj: minify
cf-request-id: 06c5b36269000005bf8399d000000001
last-modified: Wed, 04 Nov 2020 14:05:22 GMT
server: cloudflare
etag: W/"17a69-5fa2b522-4a0f1b1f2e607d36;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SRN%2FYXA1lPpbhdICawsy1e3lH1JEcutHSSEPHDIxZyTaZ2DML5mRddZbltN%2B1If39xX%2BbCx94i0FGDmvsqRkAsdAndQwvFA8el0vRm1nnYBPW%2BnpVdvLrEL9jeOiMDYc6Y16"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb621b0ae3505bf-FRA
expires: Mon, 29 Nov 2021 15:16:41 GMT

GET
H2 200 webfontloader.min.js Show response
portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 13ms
12ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 176049
cf-request-id: 06c5b36268000005bf6a2a8000000001
last-modified: Wed, 04 Nov 2020 14:05:50 GMT
server: cloudflare
etag: W/"2f42-5fa2b53e-5975bb5f335f005e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UmQtc0UGijVzpJYPyOOq2AROGRq5R9p90RH47hlCreuFh8fatYJOs8Cio29akP74qkr72t9m8Cxt0nTyVOu2eTP1XA3cDWc4c%2BrSf6FvrY74FiVrjXMQhYo8LfBhhTCGwVfe"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb621b0ae3605bf-FRA
expires: Tue, 30 Nov 2021 20:43:42 GMT

GET
H2 200 teatro-amazonas-Copia-300x225.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 9 KB
10 KB 12ms
11ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/teatro-amazonas-Copia-300x225.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/2a454.css?c20a0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b

Request headers

Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/2a454.css?c20a0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 129750
content-length: 9627
cf-request-id: 06c5b3626f000005bfbf087000000001
last-modified: Wed, 04 Nov 2020 16:26:57 GMT
server: cloudflare
etag: "259b-5fa2d651-c4603b825ee32933;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oJDbA7tiI9O5akf3JV8vuviA7qNGd%2BKrXcsFgOglZJkKIRnfka2%2Fnn5oQ1z7Bl%2B59W1hwEkYcgltEJ%2BrYofz9eCSNamy3IbACfyf86MK4bczegEtVD4FtVMaQLYADWfBYlbo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621b0be4d05bf-FRA
expires: Wed, 01 Dec 2021 09:35:21 GMT

GET
H2 200 newspaper.woff
portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/ 122 KB
67 KB 20ms
20ms Font
application/font-woff 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/2a454.css?c20a0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/2a454.css?c20a0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 225486
cf-request-id: 06c5b36270000005bfd09b0000000001
last-modified: Wed, 04 Nov 2020 14:06:50 GMT
server: cloudflare
etag: W/"1e8ec-5fa2b57a-cc7a1c15277c6427;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vgpUAmEw4P6d5GTvoB8gQvkotu93YS3BA6iN%2BliYPRdvaXpf005xxkzSxLE%2BMLhuwZgWkLWnYK%2FUN9qpRvtKwB%2F%2F91ZBZ30jTl%2BU%2Bqw0t6VxVYonO1umsEncl8pDDcLmimHQ"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb621b0be5305bf-FRA
expires: Tue, 30 Nov 2021 06:59:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 13:40:46 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 15:37:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
622 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 14:53:20 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 15:37:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:51 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 24ms
23ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 6546
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fb621b2bada32c2-CDG
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06c5b363af000032c2a4085000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 231 KB
87 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 15:37:51 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame D2BC 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnCfUbtNvNxWQCEGndYp5hS6RPw9m8ljbd3bBiBFuu_Lxf9orsE0eju4BTP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 02 Dec 2020 00:54:53 GMT
expires: Wed, 16 Dec 2020 00:54:53 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 52978
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 css
fonts.googleapis.com/ 16 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 15:37:51 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 15:37:51 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:51 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:47:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 31846
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:47:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 530975
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:08:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 145895
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 30 Nov 2021 23:06:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 80246
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 09:05:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 541921
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 26 Nov 2021 09:05:50 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1037079/ 3 KB
2 KB 80ms
80ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1037079/1?w=1600&h=406&cols=2&pv=5&cbuster=1606923471905510535259&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&lu=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&pageView=1&pvid=176241a4c22b751ae6f&implVersion=11&dpr=1&muid=kb2LN5KYAgB7
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28b4a4552abaa94aa364c05cadb542a998c6fdc6a339997b49b26d4a5edcf296

Request headers

Referer: https://portalmanaus24h.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb621b37e1932c2-CDG
cf-request-id: 06c5b36430000032c2c50ec000000001

GET
H/1.1 200
OK smart.js Show response
ads.simpleads.com.br/tag/2447/ 32 KB
12 KB 124ms
124ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/tag/2447/smart.js
Requested by: Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
cache-control: public,max-age=300
transfer-encoding: chunked
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
28 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q83CDM

Requested by

Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28205
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Dec 2020 15:37:51 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 195 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=5bb8084350093f49427816d957ad81ea&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f96f545c5578e53167400f8e466da0109fccbc9efecdc9e5dc6004765a8f323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eXWC+my5etMC+MPPEKyYxQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60131
etag: "70859c9b44e93b2aa3ddd461ef6451cf"
x-fb-debug: idBj5LOSS85vDkxMDr96/iao6qw5GDdb0qQWCcP9CLaK/yi10TFJxi7c9cTPCxK3tfGFubVQyvTrxcVzyu5y8w==
x-fb-trip-id: 664085054
x-fb-content-md5: 97f4601ca603dfaa730130476064b509
x-frame-options: DENY
date: Wed, 02 Dec 2020 15:37:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 02 Dec 2021 15:07:35 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 16:29:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 601686
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 25 Nov 2021 16:29:45 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 18:45:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 161532
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 30 Nov 2021 18:45:39 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6510
date: Wed, 02 Dec 2020 13:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 02 Dec 2020 15:49:21 GMT

GET
H2 200 Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 11 KB
11 KB 11ms
11ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:51 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32805
content-length: 11031
cf-request-id: 06c5b36459000005bf74959000000001
last-modified: Wed, 02 Dec 2020 04:03:16 GMT
server: cloudflare
etag: "2b17-5fc71204-114c793111d34a58;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ytJLqwRolQTK3fTTnWLzD7ZLlHZryvthhL2AOHIwwR%2BGnKgU%2FBanbyZwS9CfsPrf3nBF8EHbjTRJWIifMLTu%2F%2F4%2BnJdkFr2029B5AP2jpG28FJKUESqnuQL2UcOYymMvb2wF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621b3c80c05bf-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:47:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 31846
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 02 Dec 2021 06:47:05 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 22:38:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 61179
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 22:38:12 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 80246
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 530975
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:08:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 145895
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 30 Nov 2021 23:06:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 10:07:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 19832
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 02 Dec 2021 10:07:19 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 10:07:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 19832
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 02 Dec 2021 10:07:19 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
269 B 36ms
36ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portalmanaus24h.com.br&callback=_gfp_s_&client=ca-pub-3689238491183238&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

89204e5565e559e69518d4ae768eaf35adec1ad7048d1d45c7e23f7f259f5e34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
150 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D245 0
0 150ms
149ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606923472&psa=1&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471808&bpp=16&bdt=2636&idt=165&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&correlator=7458064389988&frm=20&pv=2&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=197296304&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1426&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WrDrH8Xddb&p=https%3A//portalmanaus24h.com.br&dtd=209

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606923472&psa=1&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471808&bpp=16&bdt=2636&idt=165&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&correlator=7458064389988&frm=20&pv=2&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=197296304&dssz=28&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1426&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=WrDrH8Xddb&p=https%3A//portalmanaus24h.com.br&dtd=209
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnCfUbtNvNxWQCEGndYp5hS6RPw9m8ljbd3bBiBFuu_Lxf9orsE0eju4BTP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Dec 2020 15:37:52 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a34b76b50f10f76c5227d92cb0a9aa03b6a3d329e949f229bf0a718f1cabaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H2 200 policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 24ms
23ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 32806
content-length: 14839
cf-request-id: 06c5b364a7000005bf4a80b000000001
last-modified: Wed, 02 Dec 2020 03:45:11 GMT
server: cloudflare
etag: "39f7-5fc70dc7-36dafe64893e01fa;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YWBhIUozUwhkLA7fnLY9nYhseoNu6uv%2FSD%2BtWCzlVNfqiyusjMdx%2BFSKMm5jZ3qxbwiELkm16yaf2Nx5D7IljeyIegJODx3c4JIi9lD3z7TFFzQkC0wejBneyV9HEr4cbgh8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621b4399605bf-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3DC7 0
0 130ms
130ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=280&adk=38579086&adf=1283080809&pi=t.aa~a.1117277066~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1606923472&rafmt=1&to=qs&pwprc=6305729440&psa=1&format=1200x280&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471829&bpp=3&bdt=2657&idt=208&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&prev_fmts=728x90&correlator=7458064389988&frm=20&pv=1&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=34557034672&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jhHKZJ66e8&p=https%3A//portalmanaus24h.com.br&dtd=215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=280&adk=38579086&adf=1283080809&pi=t.aa~a.1117277066~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1606923472&rafmt=1&to=qs&pwprc=6305729440&psa=1&format=1200x280&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471829&bpp=3&bdt=2657&idt=208&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&prev_fmts=728x90&correlator=7458064389988&frm=20&pv=1&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=34557034672&dssz=29&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=98&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jhHKZJ66e8&p=https%3A//portalmanaus24h.com.br&dtd=215
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnCfUbtNvNxWQCEGndYp5hS6RPw9m8ljbd3bBiBFuu_Lxf9orsE0eju4BTP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Dec 2020 15:37:52 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
47 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=420138166&t=pageview&_s=1&dl=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Portal%20Manaus%2024h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1334949037&gjid=667896506&cid=35848103.1606923472&tid=UA-184185299-1&_gid=1027118239.1606923472&_r=1&did=dZTNiMT&gtm=2oub41&z=409312609

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame E902 0
0 63ms
62ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606923472&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471829&bpp=3&bdt=2656&idt=252&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&prev_fmts=728x90%2C1200x280&nras=1&correlator=7458064389988&frm=20&pv=1&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=138228138690&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=265

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606923472&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606923471829&bpp=3&bdt=2656&idt=252&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db40ab5ff96f06213%3AT%3D1606923469%3AS%3DALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ&prev_fmts=728x90%2C1200x280&nras=1&correlator=7458064389988&frm=20&pv=1&ga_vid=35848103.1606923472&ga_sid=1606923472&ga_hid=420138166&ga_fc=0&iag=0&icsg=138228138690&dssz=30&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=87754325845791&pem=441&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=265
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnCfUbtNvNxWQCEGndYp5hS6RPw9m8ljbd3bBiBFuu_Lxf9orsE0eju4BTP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Dec 2020 15:37:52 GMT
server: cafe
content-length: 3263
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 6 KB
6 KB 11ms
11ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 42208
content-length: 6117
cf-request-id: 06c5b364e5000005bf67b78000000001
last-modified: Wed, 02 Dec 2020 03:07:13 GMT
server: cloudflare
etag: "17e5-5fc704e1-eb7aeef10c6536bd;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZSxxshWYOdf%2BnEUqNvL%2BztV4FTree8cseaMRKHsxxBdqHAkcF0amADRAwz3jTjtH1joQvq%2Bu8bHghsgoyns5LddcYLFqZPLyBwJbwHG6JOO8tfj500ogrK9Kz1MwvxKtAvzu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621b4aabd05bf-FRA
expires: Thu, 02 Dec 2021 09:54:24 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
970 B 22ms
22ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 6547
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fb621b4b9a032c2-CDG
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06c5b364f1000032c2f419f000000001

GET
H2 200 i.js Show response
cm.mgid.com/ 970 B
736 B 77ms
77ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1606923472110831396168
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812e73dfb24e948bf18d3442e5cb0adb24ed094e5f8186c6445cc003c141799a

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 86aaf6b0-a167-454c-b5f1-99c8ff7f01ae
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb621b4b9b832c2-CDG
cf-request-id: 06c5b364f6000032c2fa102000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 2886 19 B
338 B 76ms
76ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1606923472113171304133
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: c015501f-8af0-4aca-a452-9b2b7adc3c47
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb621b4c9cb32c2-CDG
cf-request-id: 06c5b364f9000032c2a23e4000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp
s-img.mgid.com/g/5523139/492x277/135x0x1062x708/ 15 KB
15 KB 30ms
28ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/5523139/492x277/135x0x1062x708/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDMvMTAxOTI0LzQ5Mjg0MjE2MTgyMmY0OGI2MzQ2MGUzNjJhYTljOTJiLmpwZWc.webp?v=1606923471-iJa6SVd0wnG5Nxw4LTxnnPpKKLFcEm1RKi6G0p8PvCU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be32c31eebb3cd49807bc71cecc36e6960d5fd7b94c98e3ed56c83600f1226eb

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:52 GMT
x-mg-request-uuid: 11b0403c-8f7b-4c4e-be90-235b39c7251d
age: 2562548
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb621b4c9f932c2-CDG
content-length: 14898
cf-request-id: 06c5b36500000032c2ca3f9000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x277/0x0x758x505/ 19 KB
19 KB 25ms
24ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944304/492x277/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1606923471-RpZjjgWXIbR-YfZ7kyoT64hqIKvV3qR5ZONGq6tOHu0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b24555211c2b44bfc9d83befefeb792fb7af40988f8a5ac3483177f44bec544

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:32:40 GMT
x-mg-request-uuid: 18cc288a-b44e-478f-a417-fb21f557366b
age: 2459420
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb621b4c9ff32c2-CDG
content-length: 18994
cf-request-id: 06c5b36500000032c28d375000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp
s-img.mgid.com/g/3805489/492x277/0x158x799x532/ 11 KB
11 KB 26ms
25ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805489/492x277/0x158x799x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjAvMTAxOTI0L2FmNzNmOTExYzA0OWI2Y2NmZTRmN2M3YjFlOGQ5OWQzLmpwZz90PTE0OTc5ODQ5NjIzMjM.webp?v=1606923471-0neiwzyUxRGpwAOwd4lJQlremuvSrBjo-QmRLeN-Vtg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce9ea81f9121149c46f65d067fda963c4f4afe3a2677093f840b63c07040b9a0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:24:00 GMT
x-mg-request-uuid: 0ec2c5c9-f606-4df2-ac91-8cd4203abaaa
age: 2382843
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb621b4ca0032c2-CDG
content-length: 11178
cf-request-id: 06c5b36500000032c2bf329000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiODQxOTNiZDc0NDBkYTUwZWFmNjUyMDMwZDY1YzQ4LmpwZWc.webp
s-img.mgid.com/g/3866389/492x277/0x0x749x499/ 9 KB
10 KB 27ms
26ms Image
image/webp 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3866389/492x277/0x0x749x499/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhiODQxOTNiZDc0NDBkYTUwZWFmNjUyMDMwZDY1YzQ4LmpwZWc.webp?v=1606923471-unXr6HTNiIap7M3X3U991YWUK0P5DpF4GFTnkqwWYVc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5b48a2b3b432683bd43bc06b311f28417230a9b920453836e0e2aeafabab16

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:09 GMT
x-mg-request-uuid: 87ecc3aa-1f5e-41dc-8995-eae87db88d9a
age: 2298282
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb621b4ca0232c2-CDG
content-length: 9604
cf-request-id: 06c5b36500000032c291b45000000001
server: cloudflare

OPTIONS
H/1.1 200
OK call
ads.simpleads.com.br/2447/ Frame 0
0 122ms
122ms Other 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call
Protocol: HTTP/1.1
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://portalmanaus24h.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H/1.1 200
OK call Show response
ads.simpleads.com.br/2447/ 5 KB
1 KB 134ms
133ms XHR
application/json 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 9f2fc574e6f1581b3df7ee980e957b8d631fc3fb7918e1bbab6dcb1c8f06f36d

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 200 David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 12ms
12ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43879
content-length: 14821
cf-request-id: 06c5b36521000005bf50353000000001
last-modified: Wed, 02 Dec 2020 02:52:05 GMT
server: cloudflare
etag: "39e5-5fc70155-810feab01173b349;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T37IXJgqKaEiw%2FsyPm9pl0hOWE5EpQFIHIWSyh1tM9tIvo9LUCbQ4fCfny0TRFbOfSGEU7kIXLqmGJW%2Bk5dUtp9yj6%2BAy0oKLl6crbDq6sFawyBA8P3gLPz9tIazknNijsce"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621b50bd705bf-FRA
expires: Thu, 02 Dec 2021 09:26:33 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C1A9 0
0 7ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:24:47 GMT
expires: Thu, 02 Dec 2021 15:24:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 785
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Video-mostra-mulher-dando-surra-no-namorado-veja-o-video-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 6 KB
6 KB 13ms
12ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Video-mostra-mulher-dando-surra-no-namorado-veja-o-video-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b33196a232ed91cb8132457039c35a87201dfa05c14ff22d82f3494135444d

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 43877
content-length: 6089
cf-request-id: 06c5b36551000005bfa7a7f000000001
last-modified: Wed, 02 Dec 2020 02:08:58 GMT
server: cloudflare
etag: "17c9-5fc6f73a-84969f60d8d63b5a;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ombjKfR7XzDmflIzFdLWqTwHW7IhGIt%2Fi6ElHDWd89NEjUw6ZmbnTDJqW83ZKAwV2XHRsYz8fOqwF77pJjBBZXO%2B2%2Fuk4mPmZBQRGwHPPb7kb%2FEfORn%2BBLN%2FHzOOzAGD4J11"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621b54cb005bf-FRA
expires: Thu, 02 Dec 2021 09:26:35 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame E2C5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

29ms
29ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1606923472110831396168
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Dec 2020 15:37:52 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 02 Dec 2020 15:37:52 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=ed5d227b-b953-4394-846a-520b6fb966a9&ttl=1609515472

43 B
408 B

85ms
85ms

Image
image/gif

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=ed5d227b-b953-4394-846a-520b6fb966a9&ttl=1609515472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 29b36578-5f17-47bf-90ec-5d63a8c388bc
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb621b59c1032c2-CDG
cf-request-id: 06c5b36581000032c2f8a03000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=ed5d227b-b953-4394-846a-520b6fb966a9&ttl=1609515472
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
285 B 81ms
78ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=kb2L6FCVtFB7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fb621b56911cd97-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06c5b3655d0000cd97442cf000000001

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IyTDZGQ1Z0RkI3&muidn=kb2L6FCVtFB7
https://cm.mgid.com/google?muidn=kb2L6FCVtFB7&google_ula={guid},5&google_gid=CAESEG4ldnnrN5n6DNJBKmsQdtg&google_cver=1

0
250 B

74ms
74ms

Image
text/plain

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=kb2L6FCVtFB7&google_ula={guid},5&google_gid=CAESEG4ldnnrN5n6DNJBKmsQdtg&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb621b57ba732c2-CDG
cf-request-id: 06c5b3656f000032c2c5110000000001

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=kb2L6FCVtFB7&google_ula={guid},5&google_gid=CAESEG4ldnnrN5n6DNJBKmsQdtg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
288 B 87ms
85ms Image
image/gif 104.19.216.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=kb2L6FCVtFB7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fb621b56950ee23-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06c5b3655e0000ee23d6351000000001

GET
H2

200

rtset
bh.contextweb.com/bh/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb2L6FCVtFB7
https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ab790b0f-0cfc-460c-82a0-eea33c1cee8f

49 B
406 B

303ms
99ms

Image
image/gif

198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ab790b0f-0cfc-460c-82a0-eea33c1cee8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-659d447f4f-csr55
expires: -1

Redirect headers

location: //bh.contextweb.com/bh/rtset?do=add&pid=556010&ev=ab790b0f-0cfc-460c-82a0-eea33c1cee8f
date: Wed, 02 Dec 2020 15:37:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 Sindicato-anuncia-paralisacao-dos-onibus-a-partir-da-proxima-quinta-feira-3.-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
14 KB 14ms
12ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Sindicato-anuncia-paralisacao-dos-onibus-a-partir-da-proxima-quinta-feira-3.-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139293969a3af52128cec6885aae531bd55ddf25f4e43ff1e9b1ff624b78ee69

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 47861
content-length: 13847
cf-request-id: 06c5b3657a000005bf6cb4b000000001
last-modified: Wed, 02 Dec 2020 01:10:58 GMT
server: cloudflare
etag: "3617-5fc6e9a2-c5d7b394a249bfb7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VObpCT29fE%2FYprctc5ioa%2Bk7RZUm6XV9shLkbDtpUGVjoa5yKV5%2FrUOrZU8OYGOp8d9%2B9x5JVOhV5RIbE%2FfmxYXqZEyogKjNbldk6f5M%2FT0fQENlKkDVkdO34mczwSKk7I6z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb621b59d6b05bf-FRA
expires: Thu, 02 Dec 2021 08:20:11 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=87754325845791&bg=!wcKlwuLNAAUoamvQKFiecMVHAAPrnAIAAABuUgAAABJoAQcKAUlAdZnvLbo8gnucHiA9-mYS6KGtbmU2qsEIGLRich0lerFjsBJPXQT9l40iv6NkXUs7nldc4sEOfhy-I5-Qjl0IckgN5RlKqCjAC4-kWd-HOLK5PtvMKPUPheQr1_wDgzBghvdO4xxaczcuBwgkZXHtunqnFxGZ1NiMZFRlKEwpfL9QqvV71VcIV4H81yLgxY0Z9yaUl_Spz6TqCOoqu_B19M72vyuGzOUPBpyk7wYzkthD6MdPfRnV2xxjCyxldY46GblGPD84-pErq8A3l-VcAbLvZHPWRWWpxS0T7KwdGgfjZgChGOaMygD9BKxBc21todsjRRrv-GtuY3GF2CS4bSgHYZs2qe2uJ4gIw6BrUhqHoHV4iqeQkKbDJFtJ0k-JvoYpz2F2yI1mz0alLh3nD5Q8yqk91ltr1U8XoQzgmIzcZjGSzyVUr5kBvzPDvWhjr8a_qA5sFXCE7mNHey_goY_ZIr3KA6GEJVEkRNo3jzQLrZn0cI_GuTAEGKiNBAzWZTg34CEdyLe_TfHN6j6RITcInDdJEcowpY91dvszPZppVAmV0-7pMfCfQSnl8Pw8C0XPhcUREdnUSPmbtKQAXCE7iv5QblCQlVazIgTPpOZ7_UqBS4v-h0L4HsyfNHdeWWFOS2R3gWqFMvC_kaYj2R3pnX7AH_01lUJwk9HKchRLNC2OUM1yhu5iJP4OzQNLTrEMsjD2hakMNjsRkAnEEEpODfaf9t21ngcPDxl8_A89veTRi8j9585n6D7jSRXKSIRpHJfma1Rc7rGq1SyFBcaoDRcjzChoTiNmmFp5AmWKS_4AgVXukgx1k-RMPMVajXqiW4XdGzIFYMvOx6KNf3G3IWGbgo9Ta3uIaG1WKsMIKZK48yZ_qO31XiwVZcX1Ng3Q8LYdUk_VFZMLELVmsVsOYhrJeORKW7w8lDMnAPSat0RtIvZMFi7J_eTXozToCV81ceg1gJLgR4hiODfEStlj6tmmEe-XfwPoboyd7cKMwyreo-oEY3-XuQhHb_go2sLWJ5iwhej8fw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 22 B
326 B 193ms
192ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52896&tag=smp_52896&tmstp=9300959968&visit=S&uii=396422078545296963&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=9592408%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: eb5005571cb358990d29174bdeca9af94f4343ba0d7f248706b8d363715937a1

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 23 KB
7 KB 134ms
134ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=9300959968&visit=S&uii=396422078545296964&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: fcee51fb53f0133068ed9d4cbd832efa49f81f6b2a0a76359b04279f86243d12

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055129
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 15 KB
3 KB 134ms
133ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=9300959968&visit=S&uii=396422078545296965&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 6a3c2a95f809d869b0b3742454572660cc278a66e70cacec8b7b950d0d7e5abd

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055518
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 17 KB
5 KB 127ms
127ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=9300959968&visit=S&uii=396422078545296966&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: f1ce7f2648eb997311039e58418b0addab8e49813aacacd319134c8ff6485042

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:51 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9024423
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 154ms
153ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52025&tmstp=9300959968&visit=S&uii=396422078545296967&acd=1606923472320&ckid=0&pubid=20&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=9269740697
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:51 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 123ms
122ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52893&tmstp=9300959968&visit=S&uii=396422078545296968&acd=1606923472320&ckid=0&pubid=20&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=5846892071
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:51 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 121ms
120ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52895&tmstp=9300959968&visit=S&uii=396422078545296969&acd=1606923472320&ckid=0&pubid=20&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=2449350507
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 4939
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

0
0

24ms
24ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=9300959968&visit=S&uii=396422078545296966&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Dec 2020 15:37:52 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date: Wed, 02 Dec 2020 15:37:52 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK dhtml-ad-simpleads-ads-05-beta4.js Show response
creatives.sascdn.com/diff/2447/6880103/ 14 KB
4 KB 9ms
7ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=9300959968&visit=S&uii=396422078545296966&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 13:31:13 GMT
Server: Apache
ETag: "64cb55210c8391cc9ffb3a0c84bf565d:1568899873"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4022
Expires: Thu, 02 Dec 2021 15:37:52 GMT

GET
H/1.1 200
OK sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js Show response
creatives.sascdn.com/diff/2447/6880103/ 8 KB
3 KB 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=9300959968&visit=S&uii=396422078545296965&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Apr 2020 19:54:21 GMT
Server: AkamaiNetStorage
ETag: "20736de8ce69da81b561b8d000b50604:1587671661"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2548
Expires: Thu, 02 Dec 2021 15:37:52 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame A112 177 KB
55 KB 55ms
54ms Script
application/javascript 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=9300959968&visit=S&uii=396422078545296965&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c5b3669a0000c26dd338d000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jzMzPPcgdJmOXhTMNXdSI1qoPY9LmdlO0Jkmg3OhTbAgxcWaytxErjqW%2FrJGXgfM%2FHxlbVN3l45fwpOaISk2gQSiUNd1HW3Lwt6WSdBvqVaq00YgxwkG2I6ky7UeqLx1kxRW5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb621b75dddc26d-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 15:37:52 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame 8A1D 177 KB
54 KB 121ms
121ms Script
application/javascript 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=9300959968&visit=S&uii=396422078545296964&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c5b366a10000c26dbd36a000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8QQYoyBHuYluyicZlWvfjd3YXezQ4QTE3mCyU5fIkjsyxn9h2wKU6XIxC4jwic%2FEKXXMFOsGPKyhAp8nAtU3a8FPf7Fmw7nwkjxGB%2BdGHU7Zz8GflDSWdcnlY7FburqdWpcp%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb621b76df5c26d-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 15:37:52 GMT

GET
H/1.1 200
OK sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js Show response
creatives.sascdn.com/diff/2447/6880103/ 18 KB
5 KB 10ms
8ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=9300959968&visit=S&uii=396422078545296964&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 15:46:25 GMT
Server: AkamaiNetStorage
ETag: "b904ac1715c52a81ea6d60f6d99141c8:1601480785.399798"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5176
Expires: Thu, 02 Dec 2021 15:37:52 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 56ms
22ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055129&nai=52026&adtg=smp_52026&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=681075853&di=
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=9300959968&visit=S&uii=396422078545296964&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4256
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb621b7ac24bd63-CDG
content-length: 1146
cf-request-id: 06c5b366c90000bd634e18a000000001
expires: Wed, 02 Dec 2020 17:37:52 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame 8E35 177 KB
54 KB 83ms
82ms Script
application/javascript 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=9300959968&visit=S&uii=396422078545296966&acd=1606923472320&ckid=0&async=1&pubid=20&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D93200%3B%24qt%3D184_1614_38539t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c5b366ac0000c26d178f5000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZdRgAw%2FevDnUNKLUGTZuPhkQSYk1k5ykc59QiCyhyHQYDKK9s5Qnr1Dopuax7zxvJEXcZWw0WtSFHPkvp5IFXX3DkGT2pWhJBwReS4mWczlVgCeWhARd2gNRgEet5BTRZ6RInA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb621b77e0dc26d-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 15:37:52 GMT

GET
H2 404 acesso.php
portalmanaus24h.com.br/TG88IMVETCSA/ 56 KB
56 KB 1321ms
1321ms Image
text/html 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: faf9810146e69ceabb44e0a3bbb3481eccd3d7031c5eeaa4a1f52796fcb4b77d

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.11
x-litespeed-cache: hit
cf-request-id: 06c5b366b5000005bf5c1bb000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KfiDhom6lpZtU2tYW98erYnMi2KqliXkRjk9nW3ETWrnnYiSaq8APg82ED41qm8%2FkmPXgBqVS3CBaCPMv4puUsPflQn4dzEr8LjP0eVBTirYJ8AOZUsX08EXOUwAE4feq6cf"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb621b78b4e05bf-FRA
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 556 B
556 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: img/png

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0A7F 53 KB
18 KB 36ms
36ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 980 of 1000 / last-modified: 1606911066"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 0A7F 1 KB
1 KB 28ms
27ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 15:37:52 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ Frame 0A7F 43 B
460 B 26ms
25ms Image
image/gif 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=9300959968
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:37:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 close_54x54.png
ced-ns.sascdn.com/diff/templates/images/ 1 KB
1 KB 16ms
15ms Image
image/png 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close_54x54.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (pab/6FAA) /
Resource Hash: 76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
last-modified: Thu, 20 Mar 2014 16:32:28 GMT
server: ECS (pab/6FAA)
age: 2300
etag: "70c31bd388f7006acdb8aa3d4bcbe99a:1395333148"
x-cache: HIT
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1351

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 996C 53 KB
18 KB 36ms
36ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 984 of 1000 / last-modified: 1606911066"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 996C 1 KB
1 KB 25ms
25ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 15:37:52 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ Frame 996C 43 B
460 B 24ms
24ms Image
image/gif 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=9300959968
Requested by: Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:37:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 124ms
122ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52896&tmstp=9300959968&visit=S&uii=396422078545296963&acd=1606923472320&ckid=0&pubid=20&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d93200%3b%24qt%3d184_1614_38539t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=1605747338
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:52 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 0A7F 0
399 B 25ms
24ms Image
text/plain 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606923472594&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:37:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame A112 266 B
422 B 25ms
24ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Length: 266
Content-Type: application/json; charset=utf-8

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0A7F 277 KB
98 KB 36ms
35ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 996C 0
399 B 24ms
24ms Image
text/plain 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606923472656&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:37:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 996C 277 KB
98 KB 39ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 24ms
22ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1606923472654&ver1=2.2.3&qid=034393f5534393f5734363&rnd=iimvdk3gxord&cid=647
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055129&nai=52026&adtg=smp_52026&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=681075853&di=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 4256
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb621b82c8bbd63-CDG
content-length: 23972
cf-request-id: 06c5b3671d0000bd633ba11000000001
expires: Wed, 02 Dec 2020 17:37:52 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 9AC2 53 KB
18 KB 44ms
43ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 318 of 1000 / last-modified: 1606911066"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 9AC2 1 KB
1 KB 27ms
26ms Script
application/x-javascript 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 15:37:52 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ Frame 9AC2 43 B
460 B 25ms
24ms Image
image/gif 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=9300959968
Requested by: Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:37:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 8E35 266 B
422 B 25ms
24ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Length: 266
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 8A1D 266 B
422 B 32ms
25ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 15:37:52 GMT
Content-Length: 266
Content-Type: application/json; charset=utf-8

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 9AC2 0
399 B 247ms
247ms Image
text/plain 2.19.34.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606923472716&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.34.195 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-19-34-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 15:37:52 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
446 B 48ms
28ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1606923472738&rnd=iimvdk3gxord&ifm=0&uai=2&cid=647&s=https%253A//portalmanaus24h.com.br&p=2447&x=SmartAdserver&adtg=smp_52026&ats=0&atf=smp_52026&nsi=&si=321679&nci=8055129&nai=52026&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2157
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb621b8dabb2484-FRA
content-length: 26
cf-request-id: 06c5b36783000024847d1a7000000001
expires: Wed, 02 Dec 2020 17:37:52 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
114 B 48ms
29ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1606923472728653&ver=1.2r81&qid=034393f5534393f5734363&p=2447&s=https%253A//portalmanaus24h.com.br&x=SmartAdserver&cid=647&od1=&od2=&adtg=smp_52026&nci=8055129&nai=52026&si=321679&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=iimvdk3gxord&impid=&tps=39&ver1=2.2.3&di=&flcb=681075853&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&ip=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=smp_52026&dbgcid=647&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=58&icp=https%253A//portalmanaus24h.com.br/TG88IMVETCSA/acesso.php&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-4-s-fl-36-x-fl-13-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-9-nci-fl-7-nai-fl-5-si-fl-6-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-di-fl-0-flcb-fl-9-ua-fl-132-ip-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_9.1_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 2151
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb621b8dabf2484-FRA
content-length: 26
cf-request-id: 06c5b3678600002484a8a50000000001
expires: Wed, 02 Dec 2020 17:37:52 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 0A7F 109 B
150 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0A7F 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0A7F 4 KB
2 KB 176ms
176ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4479936634566110&correlator=2468200020919254&output=ldjh&impl=fifs&eid=21067995%2C21068794%2C21068811&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_footer%2Cad_footer_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x66%7C980x90%7C980x120%7C750x100%7C960x90%7C468x60%7C970x90%7C950x90&cookie=ID%3Db40ab5ff96f06213-2260585781a600bb%3AT%3D1606923472%3ART%3D1606923472%3AS%3DALNI_MZrDcY-HL7bnHsy4Bjj0GlRrsgtKQ&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606923472&dt=1606923472769&dlt=1606923472558&idt=194&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1291662414&ucis=a17d2f5vqwnd&ifi=1&ifk=3515554735&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=35848103.1606923472&ga_sid=1606923473&ga_hid=791415275&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

6eca1cd8f52675e9a6504800c47f532fbb196fbe958c41f2a8c0e3ae6e3c68c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2314
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138241122535
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
6917555d30d5e345f3bb0e98b837f77d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0A7F 0
0 52ms
38ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://6917555d30d5e345f3bb0e98b837f77d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9AC2 277 KB
98 KB 36ms
35ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:52 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 996C 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 996C 109 B
127 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 996C 4 KB
2 KB 126ms
125ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3869305654397669&correlator=3497313131299515&output=ldjh&impl=fifs&eid=21068809&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_primeiro_impacto%2Cad_primeiro_impacto_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=480x320%7C580x400%7C1000x540%7C1024x768%7C640x480%7C1260x400%7C970x250&cookie=ID%3Db40ab5ff96f06213-2260585781a600bb%3AT%3D1606923472%3ART%3D1606923472%3AS%3DALNI_MZrDcY-HL7bnHsy4Bjj0GlRrsgtKQ&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606923472&dt=1606923472806&dlt=1606923472579&idt=214&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=235222445&ucis=nvp14ng7h1i4&ifi=1&ifk=3515554735&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=35848103.1606923472&ga_sid=1606923473&ga_hid=493012384&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

7fddde09e7af591a1aa9d712b3eb59931d2c95285a11c31429eb31e63aa5ddec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2370
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138240942008
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b053f1d77208c5497fe1e9c9ae869bb2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 996C 0
0 55ms
39ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b053f1d77208c5497fe1e9c9ae869bb2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.fr/adsid/ Frame 9AC2 109 B
150 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9AC2 109 B
150 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9AC2 468 B
280 B 102ms
102ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=596849277340820&correlator=1034987941544327&output=ldjh&impl=fifs&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_slider%2Cad_slider_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x100%7C240x133%7C300x250%7C200x200%7C336x280%7C250x250%7C300x300%7C320x100&fluid=height&cookie=ID%3Db40ab5ff96f06213-2260585781a600bb%3AT%3D1606923472%3ART%3D1606923472%3AS%3DALNI_MZrDcY-HL7bnHsy4Bjj0GlRrsgtKQ&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606923472&dt=1606923473000&dlt=1606923472555&idt=439&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1057568192&ucis=abp53c4vwn1x&ifi=1&ifk=3515554735&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2FTG88IMVETCSA%2Facesso.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=35848103.1606923472&ga_sid=1606923473&ga_hid=1715388609&ga_fc=true&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

f6d7f6088972489e3063f1a1d21bfc86b61339b72f43efd9994801b4d09ada9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b8a3fa1f88cd0b45b8787eeb312feda2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 9AC2 0
0 57ms
39ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b8a3fa1f88cd0b45b8787eeb312feda2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6760 0
0 38ms
37ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUaE-vgllBUB42JMnCLiUxoRWFbCiv2Vt_S7L8nRnQScvZ4Kp2cfEYWkjoMhXzFlDWZXNTw5ovrtLeUlrgSdnjnEvjPDjtSwRS7pXOlEyf5Off3Pt7H2l9mIRDIb7hWmfDaDjba06GJom0Cvjyep2EvCIUa56DKJ73pu5XAMfVfM30kGH8kp1lDOUDLL77_AOnPKRGs0SQmlGOzLJjq73y-pOPcnruxmvCO4ezE0AAEXW-Zleu9ZOFPZaigmpXsOj3kv1x5qWAIbSkIrJneYd-z-XZfgUq_igYaA9Q58vOutXiZwSZfJiCKZoWlGNh-V4fmSI&sig=Cg0ArKJSzJ7c-2DhylPtEAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6760 75 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:53 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 996C 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:53 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 996C 8 KB
6 KB 21ms
20ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a47c5f5e29085e35027772455c9ce573c0562ae0e27f3e9366cc1b1b576917e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6297
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E242 0
0 41ms
39ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgcBmMwRZHdttjyW1Lu5MCD-bo2voDohj7MckR-4KInBXlvOkmGbrUnbdjMGmoM9gMPdFknmEKGgdDre4r-KP9jyVCZfNcoiHqPW5RmlyXOagaHUEyvtFaSs9P8t5Pr6U8rQ0XVeJ8-3eE_IjIM3lGazWQFMTRYqjofPp0SyDXfrm8VW7W0y-nBDSsHaOtaqnQDgafshi6VM9-KAt7RkPVHJDUMuDaGpXKmvZi89b99WQimwWV3SKP8lnWfrJZ8TLHj0EpIsPai8R_rUg4-r-yQn24GrafILMOyjhypf4&sig=Cg0ArKJSzC7MPiMw_XvGEAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E242 75 KB
29 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:53 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A7F 73 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:53 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0A7F 9 KB
7 KB 21ms
21ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ab0d66f4810a55d79f8675c8361cabf0c2e35ca6881103308e8ef033c5a1da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6783
x-xss-protection: 0

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame A112 6 KB
2 KB 94ms
92ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=France&state=%C3%8Ele-de-France&city=Paris&latitude=48.9335&longitude=2.3661&stid=72b03950ae4683b73171db4632666b05
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: 84d832d3323bc4abc90538fa1b1c9b9355cc05563c1e5f64ea33b77c9ac2ae69

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:53 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16e5-evvrRIq9TT0SdzCbFoy82g1QLUI"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 996C 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:53 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0A7F 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6760 0
22 B 39ms
38ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstM21D0bV_0t7BMJJw-X57yu60ATWuy9v_lkRAUWwSLhaj-GoiZEJyN2a-3O8mbMOVBcQhDM48FMru3-FxKdCJkL1XLq2Pe7_Eoo9h_QhxScnglD-kbKxuUkbvaP7Budvqs7MraFfmqVVVeVelKpYnlC7F07n4BCeMxmmSrH9ULYbjz1xoWbmlKp6aqGJGtzccIMyzZMMH7DgOkVeKe5CXlusFWAptSpCxaCiT6k8zxGofk4unJP-YPghQIlGNR1uxwEPb5m0lrPvm8qS1GRsVrkRzigq2rWqRSGWplOSFW4ep1F8_heF_k-Br8VrfteNZ8KVcn3g&sig=Cg0ArKJSzOWNAl2hmc3WEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E242 0
22 B 38ms
38ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstItAS2pDyaAMfdQ8943gJWVlqI4h8YMB_N9UVH_yCw8HdCaD5K8ytOqPwFiH_ywSbUhYzHKQBDPyKBb6pN7AsK2Q1FgfdeDFNmRY6BaypaV5VGiIsZyy0OfxeNwnttdQMUUgG2Ye2lCpdk7RTET2AFc--VbNgAMVqyf9VqHqyfudsJoEdvZqgKLd7FotmW485hxC0uJpA5Rof_17RRKFtRpWXXeUWgc_QQBoqL80z_2CcnKuGgUSKTuVF66_HJ-YAGFEPpgavNJdH4jD6kI0AwDQJTbrI8MYDHDLV0GkyGVA&sig=Cg0ArKJSzHm7BuBnAH3EEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C0E5 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:24:47 GMT
expires: Thu, 02 Dec 2021 15:24:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 786
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 7EE2 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:24:47 GMT
expires: Thu, 02 Dec 2021 15:24:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 786
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9AC2 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f977c933bffb16696289d4d082f581414d3f85b1c22c48e0975eef21fab8b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame 8E35 6 KB
2 KB 89ms
89ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=France&state=%C3%8Ele-de-France&city=Paris&latitude=48.9335&longitude=2.3661&stid=72b03950ae4683b73171db4632666b05
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: 7c9257d18e1efd4f06a64ec5f49889eb2c5b76cddcfec7e63d5546b6b539a0f2

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:53 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16e5-ayZFAezfinweFhqIMWVmheXdt+M"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9AC2 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 15:37:53 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame A112 43 B
493 B 111ms
110ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJlZWUwMTBlOWE0NTE3OTg2MWYwMzgxYTYxNzY1Y2IxNiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL1RHODhJTVZFVENTQS9hY2Vzc28ucGhwIiwiY291bnRyeSI6IkZyYW5jZSIsImNpdHkiOiJQYXJpcyIsInN0YXRlIjoiw45sZS1kZS1GcmFuY2UiLCJsYXRpdHVkZSI6IjQ4LjkzMzUiLCJsb25naXR1ZGUiOiIyLjM2NjEiLCJzdGlkIjoiNzJiMDM5NTBhZTQ2ODNiNzMxNzFkYjQ2MzI2NjZiMDUiLCJldmVudCI6InJlcXVlc3QifQ.9tu5fvoTGNinMSPfp1tHKjOtpNvVCI8vdHpdodR6PDY
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b3690b00002b7d02b0d000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7LLGWkTlZTOMBYFMCjNyduW1O%2BaFk%2FdPSBOfdkCXAR6yjBut87U0KnrmV5VwHhJGJ4VKMRB4JGU8Cw6w8QGdakX8CEO0Gk9aGvJPl8QupG7qo%2BvcvrDL%2F5RQMW5MmOqxCtD1DsnGllBuZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb621bb49f42b7d-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame A112 43 B
544 B 298ms
297ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJlZWUwMTBlOWE0NTE3OTg2MWYwMzgxYTYxNzY1Y2IxNiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL1RHODhJTVZFVENTQS9hY2Vzc28ucGhwIiwiY291bnRyeSI6IkZyYW5jZSIsImNpdHkiOiJQYXJpcyIsInN0YXRlIjoiw45sZS1kZS1GcmFuY2UiLCJsYXRpdHVkZSI6IjQ4LjkzMzUiLCJsb25naXR1ZGUiOiIyLjM2NjEiLCJzdGlkIjoiNzJiMDM5NTBhZTQ2ODNiNzMxNzFkYjQ2MzI2NjZiMDUiLCJldmVudCI6ImltcHJlc3Npb24ifQ.kSlshQYe_FIG1EMnztKmXUiR6d7AG7ciOs0l431tkyM
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b3690b0000c26df6a4b000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bohtJyJo%2BNDqUpwWEUh3OQqHAfAbZSQQf%2BZP7KUzWCNoHKfQh9WUhxS%2Bg8Tlr37JxBslskOqCGgvNHCEqFDC%2FSQjgPOEjDm%2BqDzVq3PEnsCm3QCC9FzqKjrQPaCZhzV4svjGICT863EE6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb621bb4d67c26d-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame A112 42 B
737 B 9ms
9ms Image
image/gif 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a631e6db0000e8ff53943200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=39&lkg-time=1602099925"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea1f515cf8e8ff-MXP
expires: Wed, 09 Dec 2020 15:37:53 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 1C27 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Wed, 02 Dec 2020 15:24:47 GMT
expires: Thu, 02 Dec 2021 15:24:47 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 786
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame 8A1D 6 KB
2 KB 90ms
90ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=France&state=%C3%8Ele-de-France&city=Paris&latitude=48.9335&longitude=2.3661&stid=72b03950ae4683b73171db4632666b05
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: f7196c5b199fc55908a174b64f8f0bed2358a2554b3ade2b1e8349a6cc9c2aac

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 15:37:53 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16e5-H2s6czs8Dll+geWvRL5HbtbHwiM"

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 8E35 43 B
351 B 321ms
320ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJlZmQxMmNhZTBkMzM5ODVmMDAxZmYzNGQyYTM3NjZlNiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL1RHODhJTVZFVENTQS9hY2Vzc28ucGhwIiwiY291bnRyeSI6IkZyYW5jZSIsImNpdHkiOiJQYXJpcyIsInN0YXRlIjoiw45sZS1kZS1GcmFuY2UiLCJsYXRpdHVkZSI6IjQ4LjkzMzUiLCJsb25naXR1ZGUiOiIyLjM2NjEiLCJzdGlkIjoiNzJiMDM5NTBhZTQ2ODNiNzMxNzFkYjQ2MzI2NjZiMDUiLCJldmVudCI6InJlcXVlc3QifQ.Fy81gp5XZ2ni1_vKD_coaEi7OfcbyXsuS92Dduzao_A
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b3695600002b7de8b56000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cfUoj%2FlENeaJWZ6JwQiQ%2FHQuDt8JlOr9DtXweL4T30nMsqx59rZM9RE8l5Vm79i6uqDWZCES3gbcz7Q%2BnOYwpK4HGsl%2BMT8EEuqsg5EMFFrFW%2Bzq8H5QF42yHcHvIo5YPyM9cgGoKIRTKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb621bbbb6a2b7d-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame 8E35 42 B
737 B 11ms
10ms Image
image/gif 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a631e6db0000e8ff53943200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=39&lkg-time=1602099925"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea1f515cf8e8ff-MXP
expires: Wed, 09 Dec 2020 15:37:53 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 8E35 43 B
348 B 299ms
299ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJlZmQxMmNhZTBkMzM5ODVmMDAxZmYzNGQyYTM3NjZlNiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL1RHODhJTVZFVENTQS9hY2Vzc28ucGhwIiwiY291bnRyeSI6IkZyYW5jZSIsImNpdHkiOiJQYXJpcyIsInN0YXRlIjoiw45sZS1kZS1GcmFuY2UiLCJsYXRpdHVkZSI6IjQ4LjkzMzUiLCJsb25naXR1ZGUiOiIyLjM2NjEiLCJzdGlkIjoiNzJiMDM5NTBhZTQ2ODNiNzMxNzFkYjQ2MzI2NjZiMDUiLCJldmVudCI6ImltcHJlc3Npb24ifQ.rBYPWkGHp5nWdwk3m6qCGsanFOUfujAa3irR8oeB1Z8
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b369580000c26d05376000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7jJ8%2BGdDa5FfJFlm4UZcgHFtRzMJDqHEPC9PDXy8jtNBmlOF8UyhmOfaptaNe7IRbbCK3qQMsMj0971hwob4tv8XNpFpd3Dfe%2F%2FF1NMGygFEbyeFEIhTL5Tl4wINzE57phQjHGMW58N6ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb621bbce4bc26d-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 c
c.mgid.com/ 43 B
280 B 140ms
140ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=784|184|8|rudB3lDmAbcn3sc1MvtU3LIMJ5uTVz5C-XRiTfFhLXR5Wid6JHNgcrU8cG5EoiKg&fw=1&extjs=66044&v=784|185|8|rudB3lDmAbcn3sc1MvtU3O3pS0ev-VWxO8dIC-ZHptRPLqKTYDzqFMB3bDWdk13L&v=784|185|8|rudB3lDmAbcn3sc1MvtU3GOhXS9WWJios-nIdaJuFT-FlImJ4x2pFCOVxUDygI8B&v=784|184|8|rudB3lDmAbcn3sc1MvtU3H8vHJ7iiG0B-alCPuORMvw4JjtG6aft9CZSIsgB2FK_&cid=1037079&h2=_IqHHECS4sm7TQFWqEkmfXiIRCw5aJaSpM4M_SpA4o4*&rid=56c5fecd-34b4-11eb-a85d-d094662c24f7&tt=Direct&pageImp=1&muid=kb2L6FCVtFB7&cbuster=1606923473254755983287&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:53 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 198a0d30-d1b7-4c46-b7a9-59b30a4f695c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb621bbec4132c2-CDG
cf-request-id: 06c5b36970000032c291bae000000001
server: cloudflare

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 8A1D 43 B
348 B 291ms
291ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIyYTNkMTI2ZDRlY2FlNDRiYWYwOWNlOWU5YTBkNzFiZCIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL1RHODhJTVZFVENTQS9hY2Vzc28ucGhwIiwiY291bnRyeSI6IkZyYW5jZSIsImNpdHkiOiJQYXJpcyIsInN0YXRlIjoiw45sZS1kZS1GcmFuY2UiLCJsYXRpdHVkZSI6IjQ4LjkzMzUiLCJsb25naXR1ZGUiOiIyLjM2NjEiLCJzdGlkIjoiNzJiMDM5NTBhZTQ2ODNiNzMxNzFkYjQ2MzI2NjZiMDUiLCJldmVudCI6InJlcXVlc3QifQ.TpogZKhDIr9mBlxp47sKSwPlKQqIgmcpf_v_iCzy02w
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b3697c00002b7d3e311000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fQ7FtgaWbuH7YXss9Ksfq%2BQwo8SM4MeffX8NRsAjrCM8r%2BkC5TPOlLcFfuRQB9vnWmI%2FEt6eLsac%2FoYtsBT3DROUOni2UHkl6g9vp9mkOJk2ft8ArDcLoUP%2FyribUTrAPv6I6nB24oja8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb621bbfc322b7d-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame 8A1D 42 B
737 B 6ms
6ms Image
image/gif 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a631e6db0000e8ff53943200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=39&lkg-time=1602099925"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea1f515cf8e8ff-MXP
expires: Wed, 09 Dec 2020 15:37:53 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 8A1D 43 B
350 B 291ms
290ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIyYTNkMTI2ZDRlY2FlNDRiYWYwOWNlOWU5YTBkNzFiZCIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL1RHODhJTVZFVENTQS9hY2Vzc28ucGhwIiwiY291bnRyeSI6IkZyYW5jZSIsImNpdHkiOiJQYXJpcyIsInN0YXRlIjoiw45sZS1kZS1GcmFuY2UiLCJsYXRpdHVkZSI6IjQ4LjkzMzUiLCJsb25naXR1ZGUiOiIyLjM2NjEiLCJzdGlkIjoiNzJiMDM5NTBhZTQ2ODNiNzMxNzFkYjQ2MzI2NjZiMDUiLCJldmVudCI6ImltcHJlc3Npb24ifQ.jNhPxWg3c8SRGNBRpxia7uxKWha_uW8S8wHQb1IqU0Q
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 15:37:53 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c5b3697f0000c26dd0a01000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6m24LqaavG3q7M7qTAqnj2D9m2u1ZNgXdI%2B6mrPwm0qPXs2N0IcPI5pwWpTxSLTasCGoFdmwjJy1hclZ8d7%2B1YK7xI%2BD43SyfPx%2FO5zROdiaysDo8OthCxH1fGhj%2FqkxdEKs2sI%2Bw158KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb621bbfeb2c26d-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 996C 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=3869305654397669&bg=!lpWllbXNAAUoamvQKFi1brh6Z-d2lgIAAADOUgAAACZoAQcKAKuvl8JHucPv1SULrRMUkk5L2n5R8fjORHRr8TARMFK82LMk1ROcCbA102iXbcJK4kmgtH0S1rYKsPtvt45rsDvTdFZdV3e-8Z9MLWXq6e4tth8NC43eYbJI3LJDd-q4tRVYuUlwknu1JPc2L9vLo5J34SpNvt9q6K0jF4zZ_cfI87W7VFZKneqtw4u6cQUENYCi96V7AyBCOA9GIO-FZQYflwOGLLEFBSUOaH2ZAd8AvQ8i21Al9s4mGg5h3mxGSDLJYsiNd90mAI4xk0uUTFH95q0kpSlphmKcojJhTxiaIvMWi9s8nF-ZyeoYUzst0fzyx9sVfzP32Hri-wrQIvokI7iGe_WG2_csxeHWcI023e02NtCmxgVsSNf7rZpADYeN2-7OVM4wRPQHBQBusgeNbKwRe9yX6hqgm2QNgClA4Qdh1pkHpsjA1cQSaCjj3bzGpJhPz46BrconLz_fAp0ww-eX3DPbsz0sizu8zjmxBDzytAXZbutSx-Gkwt5aREILoq9diecRHPw6Pyo8Q1e-1sYti8UZ_pq6ODtAIN00hI9rVS-cVmBtMRxizkG0tkg3vOl_PKVpwaF_qzwvo63F9AUhOlgTnHJkvyuf50rX8L8JLfFtkOohX8UmADYromcTHCIbbIMeytfFVNjdzsihnqh4osavGHMYFSgInTGAQex3sdXjgCXLMTKvBSvyzy-5P3QOpxXKUrMIUN-LRNH8n2KJ651sXMaP9cdTBPAFgGY2nfthk4f8l6-dMmf9LxMvsPuMDIwxHFdLKi_NHJ5SUIq6YSvUOLICN-T8J_p2fXV-uBPvjVBEVTACh1JL8ylDbiwvvmz3A-TrXjABtKSKfbiXoBsB2eQWVq-B7g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0A7F 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=4479936634566110&bg=!fX6lfl7NAAUoamvQKFjiekyhbF2IkQIAAADaUgAAACBoAQcKAVN0fvwoMlxr4TJMDtvZPuxWBQdQll4s9jdnGl4ouHcsId2UJbAzc0bFGGcajI3UrEU0mXG49LwdGcxrNvli-9LxpBa0JlwvPCJQvxOW5cY_Xuw-7dna12pRtA1X8ZWq6pE2bIZBgFhz03wudTtapWYKE33rFdMgtCOYKe3h0UyLc6x23FneAlFtTJej-SfY7sMyXGTv7OgokTD2C9ljOIO0nLQnNGGHpD0nokxQiGrhXJg7zYC02raOU6dxL8izsuNGPjXfLuAw3Jmt8jjoBirL-CJ0oqrcvQzrp1L4BJF24coxo5Om9KdjmBA9TMHJVL-8wuUj9Li-nGvoCBCvt-vOMF67z56icAVUsTx0hJQNWPeTSY5RTaTCVOYcLT0f-BlKQXdzBaQjnmsXxu8inWTSy440mVm5myAiEEXfaDLvr0c2v5rKESY3L5T1myMWedJziceZAe6JFeETeWpiWZqO56-efe71_3KMxmxvPkL6T8tLBpUV3WETXALYfcaKNrwSnmj-8J_RR8F2Rf18XEleH8uRXbxe-junS9UuvFtjNJdT6w4MWI2YvRw2I4nTIVS2BVmLo1X1FJdy-TIYUgK_TrnOHjAHFCifG_qWgE933d-lrGzZQwz6tvjfkwJatadACs6cOAvbLnZ1MSljeXHe1Rrssfhes--svXaakmSurgQlmoQ93RBg0Jwv_dpS2tA6JjY8ytfoD3tqjMF-jo4VoCe_8Sq11pl2QeHzy4Yaksq8036NFrYtHE7V9gH5tUXksdzV7u_orgqlxgcvo8k4XFUcmiC1NuEgyi1rcDlBubE1JPVm3OpEQ_klJ_S5shRyZ4hVMYX8BQ3KYOBKgZ3yDii-ZBteKyQMh6Ua140qUvFgv1DD4wxd80BkL7v_oRjsEH5_SeKB2bEHrg3yPWqfzRLoUzSCKYcDljR3CRpZZ22pZ_ugnbCCotPzWWzq8uMv9lj50Nil8TNkG_XV7KLmCq9C9L67QreF8JN6iFNsmBThgmdXO8YFFiulOLrMOWtQXVvCEp0gw2YC0rsuXxxbytlMuc4vhZG9-3DmIcsjMrOpSuDsZzSmJVpfsyEnKkoEaUzNHrfpS5FRuS770awsZQcWuQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9AC2 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=596849277340820&bg=!TE-lT2_NAAVGySeIRljGAb-ZaI5JdwIAAACOUgAAABpoAQcKAOPeRo5erThJjSHMJYtyhS6_21tytC4rh05lJn52_NzIZRPxosDFSsQUH7oV6phSK_ps67r29k6DMVlOIgOUhEsmYUpTHdusutbqKLyUFs4qoA399N2XQjwc_gk4M-Rle-_LA3z8H9O_DiloFwRkbCGoxuVRmXtPPzmhOPVYSyp6ZY7vjcW5wID11ysEfjhpEyq1cdSPbFqcZhfHGWtHgvkXh-NgDrdNmk7CJhaGft7A_X0E5J6MMWU6dUIXtkLkgnXVW161q5OttDJ760eLygn24UQnqtH64QiXVpZfqbA7oead2JkB3xGevPg9YCSqb8hYFWDeFFna5E_t_e0Cc64BNhbo0uLLxK7bdDI2-E8OY0A_sT0CeefIIL32uZfPC6PaMEFtHt8_WffSj4RaRjyUsE5A1pm2utg7WW2Pb1BHZ5CIkAE9Ck12gbU_NaUkt5oJQXZNBcyoX-CGzxVnMZ6YJXZANX9gCbvT9nAB_tc4OTS4L3rrTz2wNqXnsEZthM5a9I5lfIl_7-sRCbRzYV2CLCwyr48CgBifQVh3vuOQImdVp4uTgpfYnXdMSAue4ndY9_8r7RVVkf9tPzKLrZQ0RgcAfNN8hV7zLE1ShGEItFJ_kcIpacPwa3TxsGHVrvQXK3YRtTk_QMwuBrlccra_TtMo6y494HVgFuQ0h5MwbXxeZvNd39ZylOkjU8WRYWOL-MAJ5HyazKmI8ZpJc0D8JdKRyJcH6EfF-87mDieFsvrBdDfn-h8ZcMOyZGAL_Rru6r3_PvVxZr03SN1_6a7jiz96o_Zu5SqL94TTokHScVDTDrRhAF0fR2XzkoIZ2YtTryKbFQ-5A8ypVr3sRMZ4tgN9Ti72phndku5EN2RUUEurzvijGjBCrDfuQr19tcewtgfo14-kMALuW2yJiVrOdL2px6nITw1mwxGm2eF9MMA_HHAu

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/TG88IMVETCSA/acesso.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 15:37:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

371 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.portalmanaus24h.com.br/	1970-01-19 23:43:39	Name: __gads Value: ID=b40ab5ff96f06213:T=1606923469:S=ALNI_Mb2NkmIBKVFQkFfV3Awux-NK4gMpQ
portalmanaus24h.com.br/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22Ze-.nle_B%22%7D%2C%22C1037079%22%3A%7B%22page%22%3A1%7D%7D
.portalmanaus24h.com.br/	1970-01-19 15:05:15	Name: __cfduid Value: d0f43b267ea5b875e293435476cc8bf321606923467

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	(Line 15) Message: Slider => [object Object]
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6917555d30d5e345f3bb0e98b837f77d.safeframe.googlesyndication.com
ads.simpleads.com.br
adservice.google.com
adservice.google.de
adservice.google.fr
ajax.cloudflare.com
b053f1d77208c5497fe1e9c9ae869bb2.safeframe.googlesyndication.com
b8a3fa1f88cd0b45b8787eeb312feda2.safeframe.googlesyndication.com
bh.contextweb.com
c.mgid.com
cdn.mgid.com
cdn.simpleads.com.br
ced-ns.sascdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creatives.sascdn.com
d.liquidadserver.com.br
delivery.liquidadserver.com.br
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.mgid.com
lqdads-7405.kxcdn.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.yabidos.com
portalmanaus24h.com.br
pre.glotgrx.com
pro.ip-api.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
tpc.googlesyndication.com
tracker.liquidadserver.com.br
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.16.199.73
104.16.200.58
104.19.136.78
104.19.216.61
157.245.136.40
184.30.212.16
198.148.27.139
199.187.193.140
2.19.34.195
216.58.206.2
2606:4700:3030::6812:3ff4
2606:4700:3031::681c:1cef
2606:4700:3033::ac43:9ff3
2606:4700::6810:3f36
2606:4700::6810:a823
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:816::2001
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2002
2a02:26f0:6c00::210:ba29
2a03:2880:f01c:8012:face:b00c:0:3
2a0b:4d07:101::1
2a0b:4d07:102::1
51.77.64.70
52.28.88.30
54.171.98.69
68.232.35.16
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258
139293969a3af52128cec6885aae531bd55ddf25f4e43ff1e9b1ff624b78ee69
21906f4f635a0b8968a9087c803b2714e7ed2ed818ce61276b4fab8da3f1b82d
2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28b4a4552abaa94aa364c05cadb542a998c6fdc6a339997b49b26d4a5edcf296
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478
2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543
2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32
447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6
4b24555211c2b44bfc9d83befefeb792fb7af40988f8a5ac3483177f44bec544
53bbf52c8b5b0fa61fc6c1ef85aa01a2b68be0fdce8c963d273ce394f596b926
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a34b76b50f10f76c5227d92cb0a9aa03b6a3d329e949f229bf0a718f1cabaa6
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6a3c2a95f809d869b0b3742454572660cc278a66e70cacec8b7b950d0d7e5abd
6ab0d66f4810a55d79f8675c8361cabf0c2e35ca6881103308e8ef033c5a1da3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be5a031e2a8c35b1f76f30139d9cd5b3cd3f3d78adc8521fecd336f44df5b2b
6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61
6eca1cd8f52675e9a6504800c47f532fbb196fbe958c41f2a8c0e3ae6e3c68c0
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
6f96f545c5578e53167400f8e466da0109fccbc9efecdc9e5dc6004765a8f323
72859c6beb751d71d46eef287809181e56d8eefe5e0dd89adafad35b328b0f0f
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
7c9257d18e1efd4f06a64ec5f49889eb2c5b76cddcfec7e63d5546b6b539a0f2
7fddde09e7af591a1aa9d712b3eb59931d2c95285a11c31429eb31e63aa5ddec
812e73dfb24e948bf18d3442e5cb0adb24ed094e5f8186c6445cc003c141799a
84d832d3323bc4abc90538fa1b1c9b9355cc05563c1e5f64ea33b77c9ac2ae69
84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
89204e5565e559e69518d4ae768eaf35adec1ad7048d1d45c7e23f7f259f5e34
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756
8f977c933bffb16696289d4d082f581414d3f85b1c22c48e0975eef21fab8b6d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92b33196a232ed91cb8132457039c35a87201dfa05c14ff22d82f3494135444d
9f2fc574e6f1581b3df7ee980e957b8d631fc3fb7918e1bbab6dcb1c8f06f36d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a47c5f5e29085e35027772455c9ce573c0562ae0e27f3e9366cc1b1b576917e1
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b814a0e6838c13703ff30b18c890ed768ccd67432553ff953d83b3d589db73
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b18ad37f9a3ede082154d3a0f80e096ac44f72407b07c2530a9cbe20b52d0253
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07
be32c31eebb3cd49807bc71cecc36e6960d5fd7b94c98e3ed56c83600f1226eb
bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
ce9ea81f9121149c46f65d067fda963c4f4afe3a2677093f840b63c07040b9a0
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845
eb5005571cb358990d29174bdeca9af94f4343ba0d7f248706b8d363715937a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b
f1ce7f2648eb997311039e58418b0addab8e49813aacacd319134c8ff6485042
f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4
f6d7f6088972489e3063f1a1d21bfc86b61339b72f43efd9994801b4d09ada9e
f7196c5b199fc55908a174b64f8f0bed2358a2554b3ade2b1e8349a6cc9c2aac
fa42225c8b2ac65d442fbdca2d3113cf55e3c401ebffecaaf016f832b50a7658
faf9810146e69ceabb44e0a3bbb3481eccd3d7031c5eeaa4a1f52796fcb4b77d
fcee51fb53f0133068ed9d4cbd832efa49f81f6b2a0a76359b04279f86243d12
fd5b48a2b3b432683bd43bc06b311f28417230a9b920453836e0e2aeafabab16
fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238

portalmanaus24h.com.br Open in urlscan Pro 2606:4700:3031::681c:1cef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

157 Requests

100 %HTTPS

55 %IPv6

29 Domains

45 Subdomains

30 IPs

7 Countries

1769 kBTransfer

5221 kBSize

3 Cookies

8 Outgoing links

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3031::681c:1cef Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

100 %
HTTPS

55 %
IPv6

29
Domains

45
Subdomains

30
IPs

7
Countries

1769 kB
Transfer

5221 kB
Size

3
Cookies

157 HTTP transactions
4 data transactions