portaldoplmx.com Open in urlscan Pro
188.114.96.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portaldoplmx.com/
Effective URL:
https://portaldoplmx.com/
Submission Tags: suspect
Submission: On October 18 via api (October 18th 2024, 4:57:39 pm UTC) from BR — Scanned from NL

Summary HTTP 43 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 43 HTTP transactions. The main IP is 188.114.96.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is portaldoplmx.com.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.

This is the only time portaldoplmx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
34	188.114.96.9 188.114.96.9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a		15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4f49		13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.217.18.3 172.217.18.3		15169 (GOOGLE) (GOOGLE)
43	5

34 188.114.96.9 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

portaldoplmx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	portaldoplmx.com portaldoplmx.com	3 MB
5	gstatic.com fonts.gstatic.com	67 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 683	7 KB
43	4

	Domain	Requested by
34	portaldoplmx.com	portaldoplmx.com
5	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	portaldoplmx.com
1	static.cloudflareinsights.com	portaldoplmx.com
43	4

This site contains links to these domains. Also see Links.

Domain
themeforest.net
wa.me

Subject Issuer	Validity	Valid
portaldoplmx.com WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-09-03` - `2024-12-02`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://portaldoplmx.com/
Frame ID: D68055228E91A5B00FC9EC37135E9770
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portal Atendimento – Home

Page URL History Show full URLs

http://portaldoplmx.com/ HTTP 307
https://portaldoplmx.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

43
Requests

98 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

2740 kB
Transfer

7805 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://themeforest.net/item/betheme-responsive-multipurpose-wordpress-theme/7758048?ref=muffingroup
Title: Buy now

Search URL Search Domain Scan URL

URL: https://wa.me/56982446656
Title: REALIZE SEU ORÇAMENTO

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portaldoplmx.com/ HTTP 307
https://portaldoplmx.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
portaldoplmx.com/
Redirect Chain

http://portaldoplmx.com/
https://portaldoplmx.com/

98 KB
23 KB

499ms
444ms

Document
text/html

188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dbb29fb5da465933ff754427aeb805a8ef4b6cce35ccc96a71b1e5d7bfe5b23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d4a1161cc010e81-AMS
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 18 Oct 2024 16:57:31 GMT
link: <https://portaldoplmx.com/wp-json/>; rel="https://api.w.org/" <https://portaldoplmx.com/wp-json/wp/v2/pages/32>; rel="alternate"; title="JSON"; type="application/json" <https://portaldoplmx.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ER2rrdjDl%2FF3Fd%2FubLysXURlOOR%2FkJ4WPqNWBzZFpM%2BR0Ee5Pti1gVVEVaaY%2FruOz54RCHJHFcmEdYC1sA5tPMZcNqLF6vTrE189TmeX%2FjEOmm8wSXjlC55FRxTEDRHP0O39"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
x-pingback: https://portaldoplmx.com/xmlrpc.php
x-turbo-charged-by: LiteSpeed

Redirect headers

Location: https://portaldoplmx.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 style.min.css
portaldoplmx.com/wp-includes/css/dist/block-library/ 110 KB
17 KB 75ms
74ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TmyPz3Q0iG0L%2FcuDXwPLAU7u213mww6Q4VkhKvsXVpKPA0X0nUQxvCd90fQ3dzCHLYp6cw0Jz5irx41P9XGmjfZ48MRXIP5VBOjZt9eV9R9j%2BgPTiQ8VSD%2B9%2B9YsVitEvRUl"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css
last-modified: Thu, 05 Sep 2024 02:19:20 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9880e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 be.css
portaldoplmx.com/wp-content/themes/betheme/css/ 332 KB
65 KB 88ms
84ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/css/be.css?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d86fc45e22c9d7be5ca264435323944651cdd5b419c51e3eb0c6193fb5761c

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOZhBYfYmtfXZ0zT8nkziGLfLOXl0Fr2ic%2FLERcNiVkywwkbeQIp1U1pnf2DgSlRUJ4EzW%2FijjKZEqA7ialcdtj4m2FOAKeEX3SAFq7Y%2BbwaBCnuHyP1yVgBm3ziNvaGqv1C"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css
last-modified: Mon, 20 Dec 2021 14:28:52 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c98b0e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 animations.min.css
portaldoplmx.com/wp-content/themes/betheme/assets/animations/ 57 KB
7 KB 41ms
38ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38be46aaa000896df8c89b3d6fc608efe575d822c4f4541cf7ad6b5069ce2879

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojUdKb2ogZ6ykRSNQzwNxxLjYaBdYyD4N0tDixc1n5bjQ%2BIRG55gfjT6Y1M5N1DGnoxXH6m0gCHKwclHE0rwjw%2FY0%2FoEQtfwp295jbsiw7N8ACNC%2BvJeV7Uzgw5ZCe4kbRQf"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css
last-modified: Tue, 14 Dec 2021 19:31:22 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c98f0e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 fontawesome.css
portaldoplmx.com/wp-content/themes/betheme/fonts/fontawesome/ 59 KB
14 KB 221ms
218ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KNZx69jz5Q31wBl0%2B2mO8EErbWdrG0B0R7f%2BUF1O3m4aU4LWkC9ukFPWbzWNUIRWn1ZhFhWVUEXQSI39u8NIK72oMDtBHGcpyOENTin4e3xAww8HfvTI2ry2IgQSnYImcWAc"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css
last-modified: Tue, 14 Dec 2021 19:31:24 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9910e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jplayer.blue.monday.min.css
portaldoplmx.com/wp-content/themes/betheme/assets/jplayer/css/ 9 KB
3 KB 239ms
236ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AyTH%2BzCfRckIW2O8ovpFCva0x2BwAsxbeur8kJSOfCZYfH8qpV6doVweRXBqX71BeFEjNTPEJ%2BqFC98Sd7O4wMiAes0OLqEFH1ECWw70oW3NPj8a7VXG0UTNa9Nffw46g61K"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css
last-modified: Tue, 14 Dec 2021 19:31:22 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9930e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 responsive.css
portaldoplmx.com/wp-content/themes/betheme/css/ 59 KB
12 KB 240ms
237ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/css/responsive.css?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09655c7993d8be9b0773512659abd59d962afb3d2f1c271d5dc8109bcb0b0115

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tkqsx%2FIe%2BRe0fWPHAVWkDWVg1I0GTLPCmGVcoJbfq%2F8n5udOC%2FHRZTiH817zGrmHMNJ0CqesOhJO%2FslAeS%2BHhnNZEj%2B7fRG5sXQWSHCOooVf1YtJRn1vLnBKXrv2wzFRLGSB"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css
last-modified: Tue, 14 Dec 2021 19:31:24 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9960e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 37 KB
3 KB 199ms
66ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.6.2

Requested by

Host: portaldoplmx.com
URL: https://portaldoplmx.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec8406ef1dd00160a5cbddb24c5ff48178f5723b1302b96ce556fc5124ba0835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 16:57:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 style.css
portaldoplmx.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/css/ 32 KB
12 KB 289ms
287ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/css/style.css?ver=7.4.6
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b949ad34d4145f803cdd2a3d07180f047ac362ae19ac146c8593b679e62cade2

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAXWliCYqfDMHqinOFcxo5dm%2Fo8UWrKW5F5y9nXFChlSM%2FdkGdk7QLtRJGddtlCuJPnYO2TIb5S%2FX4eT9IhYBjAKWJ1E3EEf3Ip%2FXc8XHuSBOytpWelpfcv2tVIwyHASmVwr"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 17:36:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9990e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 jquery.min.js Show response
portaldoplmx.com/wp-includes/js/jquery/ 86 KB
32 KB 440ms
438ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRoEHEl%2F6er3rU%2FpJYOs%2BS9EacLONb%2FL10IWPLcAEgac9Y2qA9CUq0Bw%2FvMEAqUtk3%2BGqBqAfUMXIdWY%2FAz5KVrRRvcwf82%2FoBfwjYzGIZ7kmUCKCBgozdtUKzCdCgM6RwuZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c99b0e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Tue, 29 Aug 2023 02:44:24 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 jquery-migrate.min.js Show response
portaldoplmx.com/wp-includes/js/jquery/ 13 KB
6 KB 492ms
491ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PZreH7RAtRZhFAcwZD%2B7jPl9nYFOtYQuVOtj6dG8S%2BylEXZCOfcjqmpCgSa%2Bx8bykq7xzIEfEmK9tlE3KbkfSSfwrDYUGWDJlXomDQYc3R5nkHjz%2FiCkChy1%2Fi0ekB5oWNE"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c99d0e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Fri, 09 Jun 2023 15:19:24 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 200 lof.png
portaldoplmx.com/wp-content/uploads/2024/10/ 44 KB
45 KB 49ms
48ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/lof.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d43fec8cf6f125dc12ed67bc461c9c881ed7618ae30a3ff7bd22e4cba864f337

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmgakOav28SYMXGBMCvOcZItqUy68Vgsz4XK%2BH29bQsaKBdxsL32RCQa8aFO5QdyutcBmhFlokzJvI1uhzBOktnZHwoGbeoQ7dQfvVWyURoHHgEzHoPp0fRiXoUUtaufcM%2Fr"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:16:21 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9a10e81-AMS
accept-ranges: bytes
content-length: 45526
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 dummy.png
portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/assets/ 68 B
578 B 56ms
54ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/assets/dummy.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGAvrr6mCLO8KqPZlqARz7DLU%2B8eV4J19O2JvEdqYUKSsYkUp5edPOcbsZYwEerQJUYrMxMNdRwYHovcYISOL4TUZcNAtXN9dv7cr97FyIq%2BD9F6LQ9e2nnqbib%2F7EdF%2FBLQ"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:04:32 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9a30e81-AMS
accept-ranges: bytes
content-length: 68
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Captura-de-tela-2024-10-17-141915-1.png
portaldoplmx.com/wp-content/uploads/2024/10/ 77 KB
77 KB 62ms
58ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/Captura-de-tela-2024-10-17-141915-1.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b431bbbbe5d046d115f501f92726528569f296e81e6a37b079afda9e5759a715

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QP%2Fq60z3SJL4ntyA4ezzmg1mqI43ANxxh%2F0UqhRK%2F%2FtGdeEJbTWa24GsoSn9H3vZ6bopfFUf8%2FYXgsyTCJFEUVxvErRleDYIAzq7u8cXhPg2DtCDJzpajJt3mpdTNfclz%2Bie"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:25:04 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dcb0e81-AMS
accept-ranges: bytes
content-length: 78642
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Captura-de-tela-2024-10-17-141801.png
portaldoplmx.com/wp-content/uploads/2024/10/ 316 KB
317 KB 50ms
46ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/Captura-de-tela-2024-10-17-141801.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcee7d1ca7d7fdd47072ef267aeef6d1864d77eadd6acaacae735e0eadb53820

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FKSCtYwODrUrWL5UyZvoycelJ%2FBWeDQdQI%2BUhW9eAJl49aytgeE2XkeON7McT3RQIfaArsw4zK9xboeT6unk1%2B9W%2ByFnqMI8ZzbN5Gqb7gzU8hZtNuTjHpgAY3JHgBPRLtT"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:21:42 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dcc0e81-AMS
accept-ranges: bytes
content-length: 323736
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Captura-de-tela-2024-10-17-142320.png
portaldoplmx.com/wp-content/uploads/2024/10/ 2 MB
2 MB 103ms
99ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/Captura-de-tela-2024-10-17-142320.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cdc07b87f0518ef5d75e93e559f3918508a4a15360d78d205b8bc1c14fa513f

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X29zSehydecRip%2F5vF4yEP9t9Mm3K%2FKm4G8ULynK20nZz0ZOfCS6kO6nvMHzKS2cr2O5ZhNGnKeKIhRA7%2BQ9d1FCRpJnj348PH%2BJxNQQ4gt8oYS67x93FEVrbf%2B%2FtIPQHyvP"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:27:29 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dce0e81-AMS
accept-ranges: bytes
content-length: 1625225
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 Captura-de-tela-2024-10-17-142436.png
portaldoplmx.com/wp-content/uploads/2024/10/ 54 KB
54 KB 188ms
184ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/Captura-de-tela-2024-10-17-142436.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0a384b893b8cd508b316bb80ec43ad7039836b6ea3ae87d9cbb5ab172f2686

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dYx1npM8wciiMF6gwwhs23cUmy1HrZWEQe7oS1GhNbCi%2F21qo4QRDt8ytknDAxIcDDpOwGi%2FXfvy258eqtlb3nG%2BV95YeOfDFgY%2FJ51ShgIEufwIOFCXWVNAnXAflCe7i%2B%2FO"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:28:44 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dcf0e81-AMS
accept-ranges: bytes
content-length: 55213
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 email-decode.min.js Show response
portaldoplmx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 472ms
472ms Script
application/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portaldoplmx.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: portaldoplmx.com
URL: https://portaldoplmx.com/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"670fb497-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b8enQE4lBBuo0ogOv3OfdINjdXMXGGtwJCyo1OyDxibJy6Skw5qSitM%2FSJ3X%2BjaJctnIPPv3y1IwednhKUtS1X9U1e1imrUlUzC0bbv5G%2B7pFMmoxcalfi%2BDISWrbXDPDp6F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8d4a11663a3a0e81-AMS
expires: Sun, 20 Oct 2024 16:57:31 GMT
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 12:41:59 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 7 KB
855 B 66ms
55ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300%2C500%2C400&display=swap

Requested by

Host: portaldoplmx.com
URL: https://portaldoplmx.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2af9324a809db97dd441e41b9841080d13b855c76b9ded55c5abd1b4f002e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 18 Oct 2024 16:57:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 rs6.css
portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/css/ 57 KB
14 KB 38ms
36ms Stylesheet
text/css 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/css/rs6.css?ver=6.7.4
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
age: 63295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1x2cPBDatx0zvk7ETfnZUT5GqwsUYm%2BtC%2Bh%2FEXyvceQfbiDOirmLKA2FK3%2Bb8NA%2BYha6IXqJxqV%2FP32uXWpLKsGYObtBdh4kZN%2FgBLf3rZj6KSlXJi6nNnkR0gBYajdBmug"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: text/css
last-modified: Thu, 17 Oct 2024 17:04:32 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1168fdb90e81-AMS
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 rbtools.min.js Show response
portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/js/ 161 KB
63 KB 189ms
184ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/js/rbtools.min.js?ver=6.7.2
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8A8gBBDPcwNW1d0oQZJxaF9YSkh26BNrT1LLrq7TRH0lRb7lLzfRmSNm%2ByviQ61qPSsYwtM%2FpOFXAMhhKfkBvL84wHAx22C80NdVWZLX6Mp2%2ByidYpLyfmQ3I6eHooylUr2H"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dd10e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 17:04:32 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H3 200 rs6.min.js Show response
portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/js/ 405 KB
111 KB 188ms
183ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/plugins/revslider/sr6/assets/js/rs6.min.js?ver=6.7.4
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c034e8caa6309a777f480cb671892899f48f95bc6b1e016ecc5e96e4e8f10a

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHEnX2sZx1U5mKXYjEFSqYuJQick0Hv%2BfupWm6FfOoDMLPKlKjORBJjvU4qExAoADKid17d0wadE8exSZRuywHkdYAJiw1rdVahICrjQPjCwPuIMNEYhOFfbTSq4U1pLWbFY"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dd20e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 17:04:32 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
H3 200 core.min.js Show response
portaldoplmx.com/wp-includes/js/jquery/ui/ 21 KB
8 KB 201ms
197ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.3
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNIDHsCR6g6ptTrZ1ZWuxG%2B3vclTZ7VGgH9xfLCN90QkW%2FUjf1gKnX61wdim4rWLP47umSrmCE78L6qNMoE3S%2Fu%2Fr5oZAcP8RvUqgnHCL36PPluXLBCXgtFoJtjwtrjTrh5r"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dbd0e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 23:21:44 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 tabs.min.js Show response
portaldoplmx.com/wp-includes/js/jquery/ui/ 12 KB
5 KB 179ms
175ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.3
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1ac109fb0da76a03eb39daecb548806675cda9793ad6bce4621c651746de08f

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWgazKpcPvRU%2BcHfckmyXwHgpFfz0EUNo761ZCWXjNhPjWU%2Bk2Toh9LbVpjvgWU6SZ2%2FK2pJjCvbSt6bKp0cqAro26x5yZPwfSBOnzP0Ws6kcZL3NUh9YnvSAwO9uzQ4o2J7"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dbe0e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 23:21:44 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 plugins.js Show response
portaldoplmx.com/wp-content/themes/betheme/js/ 197 KB
59 KB 210ms
206ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/js/plugins.js?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54766cd48bb6d7cdd9c40489d6e8caa9ccba6c5d289e016b5576bceff9093613

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O1NCFeAc9xKyXmXUEp7WwtSMRk6rIFMi9LKVs93Ns%2BcZHycQo6iKjSBXq9gqegclNojXOnL7hGjeeQJuLqznShLSN8YMAVHp1xIbkWNRtOCPkBU5yPIa0gs6T4r7PEglnoYv"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dbf0e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Tue, 14 Dec 2021 19:31:24 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 menu.js Show response
portaldoplmx.com/wp-content/themes/betheme/js/ 2 KB
1 KB 181ms
177ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/js/menu.js?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22005bbdf738de61a4c2ee99c2b3c4fe52f336dfc8aa274860c58c845027d50

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5jTXOzJjR6jTfCIVQ0YxwaehOIYA4I41QyB85%2Bvbffs%2Fx%2FeOXPPeDDWCUyDjQT2WlEAL56rVYpGsAxfhO9CDLr5JB9B9rEfxPN2OmhBCPHupmdyRQkP%2BnL6SNgJQsLukigIh"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dc00e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Tue, 14 Dec 2021 19:31:24 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 animations.min.js Show response
portaldoplmx.com/wp-content/themes/betheme/assets/animations/ 2 KB
1 KB 181ms
177ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOlEyRMoXtixMgSdcT%2Fqslh500wA%2B4J75KrEyko9KYv5cufVOEGBuKwRkUBfPZp5etGhPa68qSuORjqYuIeRNMNZTHOkbxjEwGYw2czy3d4qWSZ5Jf%2FwGdR2NywdtLf2GXoW"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dc10e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Tue, 14 Dec 2021 19:31:22 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 jplayer.min.js Show response
portaldoplmx.com/wp-content/themes/betheme/assets/jplayer/ 51 KB
14 KB 182ms
178ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6ZJRUq4vfG43h5TR1OTxRGuKmQ1fu4QiqLvsmJvi69OZlv%2F%2B1nvIoHFFH6yDlCU8xSzODPLNoirlBWJbPsNAWYBisHghMcIz7cY%2BKuCaBo4%2FsYeYLvhA%2Fs%2FIEoLh6Ut%2B66Q"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dc30e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Tue, 14 Dec 2021 19:31:22 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 translate3d.js Show response
portaldoplmx.com/wp-content/themes/betheme/js/parallax/ 4 KB
2 KB 137ms
133ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZMieqi%2FAJCwAy%2BnfAyP6AdNvYAsaIG0egtjHU3%2B0jw9SyOb79ka4%2FAaGQ2hPDBYgTOdPWIAha3aYKgZgYVlRb3aHU2EIx5LqEmUOqDu6Rtsk4DBPktBFhOJCDUBM4lGr7Cfq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dc40e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Tue, 14 Dec 2021 19:31:24 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 scripts.js Show response
portaldoplmx.com/wp-content/themes/betheme/js/ 85 KB
20 KB 266ms
262ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/js/scripts.js?ver=25.1.7
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dba7329e8c4fa7e4128fc8e81e02b4e034219492ef976746b4bcd4790a50060

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CaGy%2Bo9d7Us7kkOMoAflKWKFFXQeASF4rPb5pRKlbdVem%2FQ7FywN5nAolDVccJnQG8b2MAeJGBEBy5jmgZkiKWZE%2Btj9RWxf0qpk4JHblzGWErOSuuq9dQdMpqrRQxSQ3AHw"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dc80e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Tue, 14 Dec 2021 19:31:24 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H3 200 index.js Show response
portaldoplmx.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/js/ 7 KB
3 KB 282ms
278ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/plugins/wp-whatsapp-chat/build/frontend/js/index.js?ver=050b65b6ccb82df6ae3c
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3242ca41da46d84918ca6b71dcae985eefb056ea64a7f513a86f73652658f425

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2FGbwtaaYRxJJy2Kne%2FQa8BAiN4Bmeso3J2QI68uPNV1sRPfMagPtb95VRVl4EFBWR5z%2B%2F%2BkqT9ku7yx3gV5%2BQZoHCV%2BUHqPDgi6%2Fnl11%2FkOzt%2BFPrboTXx%2BpoMfefjc30al"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a11690dca0e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 17 Oct 2024 17:36:03 GMT
vary: Accept-Encoding
priority: u=2,i=?0

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 221ms
78ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer: https://portaldoplmx.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8d4a116a1f60b978-AMS
access-control-allow-origin: *
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET 9fc47288-3dbb-4b80-a549-e1d7d3b78d6c
https://portaldoplmx.com/ 0
0

GET
H3 200 lof.png
portaldoplmx.com/wp-content/uploads/2024/10/ 44 KB
0 4ms
4ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/lof.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d43fec8cf6f125dc12ed67bc461c9c881ed7618ae30a3ff7bd22e4cba864f337

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63294
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmgakOav28SYMXGBMCvOcZItqUy68Vgsz4XK%2BH29bQsaKBdxsL32RCQa8aFO5QdyutcBmhFlokzJvI1uhzBOktnZHwoGbeoQ7dQfvVWyURoHHgEzHoPp0fRiXoUUtaufcM%2Fr"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:31 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:16:21 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a1165c9a10e81-AMS
accept-ranges: bytes
content-length: 45526
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 333ms
210ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.6.2

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer: https://fonts.googleapis.com/

Response headers

age: 219718
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:55:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:55:34 GMT
last-modified: Thu, 01 Aug 2024 20:41:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13388
x-xss-protection: 0
server: sffe

GET
H3 200 icons.woff
portaldoplmx.com/wp-content/themes/betheme/fonts/mfn/ 80 KB
80 KB 2737ms
2736ms Font
font/woff 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/wp-content/themes/betheme/css/be.css?ver=25.1.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer: https://portaldoplmx.com/wp-content/themes/betheme/css/be.css?ver=25.1.7

Response headers

cf-cache-status: HIT
age: 63295
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAGdtAc3cXuCG6R%2BP%2FCyJsxyQnaLn6bipUs%2BdoLjaLHsO9L05pnHhzMCvWLPjhSaEH108rJZXsuPmmJctOZ51aDP6vP%2BN6LoSmlB01%2FQSYYUx9U9zGalLAaq9PNJndt4JNva"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
content-type: font/woff
last-modified: Tue, 14 Dec 2021 19:31:24 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a11697e3f0e81-AMS
accept-ranges: bytes
content-length: 81448
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 262ms
184ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.6.2

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer: https://fonts.googleapis.com/

Response headers

age: 255595
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 17:57:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 17:57:37 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13432
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 274ms
197ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.6.2

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer: https://fonts.googleapis.com/

Response headers

age: 220368
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:44:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:44:44 GMT
last-modified: Thu, 01 Aug 2024 20:41:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13528
x-xss-protection: 0
server: sffe

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v32/ 15 KB
15 KB 295ms
218ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.6.2

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

7cced09b0fd8718262ff270eb5abd55b60b5ba5459692321c6be96c460c1c14e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer: https://fonts.googleapis.com/

Response headers

age: 326599
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 14 Oct 2025 22:14:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 22:14:13 GMT
last-modified: Thu, 01 Aug 2024 20:41:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15036
x-xss-protection: 0
server: sffe

GET
H3 200 wp-emoji-release.min.js Show response
portaldoplmx.com/wp-includes/js/ 18 KB
6 KB 2560ms
2560ms Script
text/javascript 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldoplmx.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1q0e8BI3SktEaFY%2FbTAonhl2iAapM1NY2hMB7uHc8Pckmu31TlXJV1R0Ed%2BAtRNan1s%2Fyo6OllUolNRDk4ADpXJs3F9lHMFfOOqYY25AoNOfHSTD%2BnobLcCt2FF8MmZ35%2Fl"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d4a116acff40e81-AMS
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:32 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 23:21:44 GMT
vary: Accept-Encoding
priority: u=3,i=?0

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55b8be4284458cd4c3ac412561fc7f7c4d5bb0eb0b44f4cb6a66cd211e861a73

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v32/ 13 KB
13 KB 38ms
37ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CLora%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.6.2

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

sffe /

Resource Hash

0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin: https://portaldoplmx.com
Referer: https://fonts.googleapis.com/

Response headers

age: 220043
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:50:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:50:09 GMT
last-modified: Thu, 01 Aug 2024 20:41:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13408
x-xss-protection: 0
server: sffe

GET
H3 200 header.png
portaldoplmx.com/wp-content/uploads/2024/10/ 2 MB
0 37ms
37ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/header.png
Requested by: Host: portaldoplmx.com
URL: https://portaldoplmx.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63298
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XnhqN4n4xYtfqXJf6qduPPXLGdty28l06AjeTSUd0xWA7mbL%2BkBGU8fczmeKJSjXcYmFRu%2FJjhvimwu6nV4Zbw1aNypVqnn8YyA0npOZsds1TUSrRaTW2qx34TlbbGQLG%2Bi4"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:35 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:11:22 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a117aebab0e81-AMS
accept-ranges: bytes
content-length: 3071784
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 header.png
portaldoplmx.com/wp-content/uploads/2024/10/ 2 MB
0 31ms
30ms Image
image/png 188.114.96.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldoplmx.com/wp-content/uploads/2024/10/header.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer: https://portaldoplmx.com/

Response headers

cf-cache-status: HIT
age: 63301
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pPOkmdOuiOhpFLUJsYzqMVoRuqOpEhA2lEHvgZRk7JdPYti6QB1NI7X5WZ96XY3Fci3a3OPxv%2FgtKD5jtj99uslF%2Fs2Lmka5nvFJoCLjCDoMYXYuN3JYTlp9DnST%2BEmVoPIf"}],"group":"cf-nel","max_age":604800}
expires: Thu, 24 Oct 2024 23:22:37 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 18 Oct 2024 16:57:38 GMT
content-type: image/png
last-modified: Thu, 17 Oct 2024 17:11:22 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d4a11916bfa0e81-AMS
accept-ranges: bytes
content-length: 3071784
x-turbo-charged-by: LiteSpeed
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portaldoplmx.com
URL: blob:https://portaldoplmx.com/9fc47288-3dbb-4b80-a549-e1d7d3b78d6c

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings function| jQuery function| setREVStartSize number| RSIW number| RSIH object| RS_MODULES function| revslider_showDoubleJqueryError object| mfn function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| NiceScroll object| StickySidebar function| Waypoint function| animateElement function| randomClass function| animateOnce function| animateInfinite function| animateEnd string| triggerClasses object| classesArray number| classAmount object| mfnSetup function| qlwapp function| tpj object| revapi1 object| __cfBeacon string| waypointContextKey object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID string| RSBrowser object| T boolean| _rs_firefox object| twemoji object| wp

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
portaldoplmx.com
static.cloudflareinsights.com
portaldoplmx.com
172.217.18.3
188.114.96.9
2606:4700::6810:4f49
2a00:1450:4001:830::200a
02d86fc45e22c9d7be5ca264435323944651cdd5b419c51e3eb0c6193fb5761c
09655c7993d8be9b0773512659abd59d962afb3d2f1c271d5dc8109bcb0b0115
0a7fc3de6341e5ab2853f213dbf792903cd35039daa9530a649a20a877ccac8a
0dbb29fb5da465933ff754427aeb805a8ef4b6cce35ccc96a71b1e5d7bfe5b23
0e637574ec102b93795e00daaa92eebdacf1dcee9133b123fb9b56ea8eaf7e14
10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8
18c034e8caa6309a777f480cb671892899f48f95bc6b1e016ecc5e96e4e8f10a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2dba7329e8c4fa7e4128fc8e81e02b4e034219492ef976746b4bcd4790a50060
3242ca41da46d84918ca6b71dcae985eefb056ea64a7f513a86f73652658f425
38be46aaa000896df8c89b3d6fc608efe575d822c4f4541cf7ad6b5069ce2879
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
54766cd48bb6d7cdd9c40489d6e8caa9ccba6c5d289e016b5576bceff9093613
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
55b8be4284458cd4c3ac412561fc7f7c4d5bb0eb0b44f4cb6a66cd211e861a73
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b
6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511
7cced09b0fd8718262ff270eb5abd55b60b5ba5459692321c6be96c460c1c14e
7e84c9f8d71bc6eb2dac2fce59a6caea62da51ffa8cf56b41806f59386ab1322
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8cdc07b87f0518ef5d75e93e559f3918508a4a15360d78d205b8bc1c14fa513f
a1ac109fb0da76a03eb39daecb548806675cda9793ad6bce4621c651746de08f
a2af9324a809db97dd441e41b9841080d13b855c76b9ded55c5abd1b4f002e0d
a70c2bc728eb261ac55c2ff878249947bcd3a9d8827d94e63fbdd8fe67156986
b431bbbbe5d046d115f501f92726528569f296e81e6a37b079afda9e5759a715
b949ad34d4145f803cdd2a3d07180f047ac362ae19ac146c8593b679e62cade2
bf9cfe01317e3758dd38982921dc1f26cc7243237d02e7ed90d3830b6f4e8ed0
c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4
c22005bbdf738de61a4c2ee99c2b3c4fe52f336dfc8aa274860c58c845027d50
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05
d43fec8cf6f125dc12ed67bc461c9c881ed7618ae30a3ff7bd22e4cba864f337
dd0a384b893b8cd508b316bb80ec43ad7039836b6ea3ae87d9cbb5ab172f2686
ec8406ef1dd00160a5cbddb24c5ff48178f5723b1302b96ce556fc5124ba0835
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5
fcee7d1ca7d7fdd47072ef267aeef6d1864d77eadd6acaacae735e0eadb53820