portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3031::681c:1cef Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Submission: On December 03 via api (December 3rd 2020, 9:23:33 pm UTC) from BR

Summary HTTP 171 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 32 IPs in 12 countries across 33 domains to perform 171 HTTP transactions. The main IP is 2606:4700:3031::681c:1cef, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalmanaus24h.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2020. Valid for: a year.

This is the only time portalmanaus24h.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3031::681c:1cef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
15	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
5	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
14	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
14	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 15	199.187.193.164 199.187.193.164	47043 (SMARTADSE...) (SMARTADSERVER)
2 4	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	3.121.66.166 3.121.66.166	16509 (AMAZON-02) (AMAZON-02)
1	88.214.205.108 88.214.205.108	46636 (NATCOWEB) (NATCOWEB)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	54.72.52.19 54.72.52.19	16509 (AMAZON-02) (AMAZON-02)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	161.117.111.214 161.117.111.214	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co.)
6	2606:4700:303... 2606:4700:3030::6812:3ff4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.154.162.165 54.154.162.165	16509 (AMAZON-02) (AMAZON-02)
3 12	172.227.80.146 172.227.80.146	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.16.186.107 2.16.186.107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:219... 2600:9000:2190:d000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.245.136.40 157.245.136.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	104.244.38.20 104.244.38.20	7415 (ADSAFE-1) (ADSAFE-1)
3	2a00:1450:401... 2a00:1450:4010:c0f::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3033::6812:3ef4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
171	32

16 2606:4700:3031::681c:1cef (United States)

ASN13335 (CLOUDFLARENET, US)

portalmanaus24h.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

cdn.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lqdads-7405.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 199.187.193.164 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

ads.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.212.16 (Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.121.66.166 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-66-166.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.205.108 (United Kingdom)

ASN46636 (NATCOWEB, US)

sync.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.52.19 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-52-19.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00::210:ba29 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

creatives.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 161.117.111.214 (Singapore, Singapore) 3 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6812:3ff4 (United States)

ASN13335 (CLOUDFLARENET, US)

d.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.201.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.162.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-162-165.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.227.80.146 (United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a172-227-80-146.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.107 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-107.deploy.static.akamaitechnologies.com

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:d000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.136.40 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

delivery.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.38.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: sjedt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4010:c0f::9c (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a03b5dbf87b0687e5871df2969472973.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1fed252caa561456b7cca9269320fc87.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e242190ff3d686a186cd1a7e383f0141.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6812:3ef4 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com a03b5dbf87b0687e5871df2969472973.safeframe.googlesyndication.com 1fed252caa561456b7cca9269320fc87.safeframe.googlesyndication.com e242190ff3d686a186cd1a7e383f0141.safeframe.googlesyndication.com tpc.googlesyndication.com	184 KB
17	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	354 KB
16	simpleads.com.br 1 redirects cdn.simpleads.com.br ads.simpleads.com.br	38 KB
16	portalmanaus24h.com.br portalmanaus24h.com.br	441 KB
15	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	119 KB
14	gstatic.com fonts.gstatic.com	145 KB
12	scorecardresearch.com 3 redirects sb.scorecardresearch.com	9 KB
12	liquidadserver.com.br d.liquidadserver.com.br delivery.liquidadserver.com.br tracker.liquidadserver.com.br	173 KB
7	adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	92 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	googletagservices.com www.googletagservices.com	141 KB
5	ip-api.com pro.ip-api.com	2 KB
4	sascdn.com creatives.sascdn.com ced-ns.sascdn.com	14 KB
4	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	572 B
4	google.com adservice.google.com	2 KB
3	kxcdn.com lqdads-7405.kxcdn.com	2 KB
3	google.ch adservice.google.ch	1 KB
3	smartadserver.com 3 redirects sync.smartadserver.com	645 B
3	googleapis.com fonts.googleapis.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	glotgrx.com pre.glotgrx.com	559 B
2	yabidos.com pixel.yabidos.com	25 KB
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
2	facebook.net connect.facebook.net	61 KB
1	idealmedia.io cm.idealmedia.io	555 B
1	admanmedia.com sync.admanmedia.com	103 B
1	lentainform.com cm.lentainform.com	558 B
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	648 B
1	cloudflare.com ajax.cloudflare.com	5 KB
171	33

	Domain	Requested by
16	portalmanaus24h.com.br	portalmanaus24h.com.br ajax.cloudflare.com
15	ads.simpleads.com.br	1 redirects cdn.simpleads.com.br ads.simpleads.com.br
14	fonts.gstatic.com	fonts.googleapis.com
13	securepubads.g.doubleclick.net	creatives.sascdn.com securepubads.g.doubleclick.net portalmanaus24h.com.br
12	sb.scorecardresearch.com	3 redirects portalmanaus24h.com.br sb.scorecardresearch.com
10	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
6	tracker.liquidadserver.com.br	d.liquidadserver.com.br portalmanaus24h.com.br
6	cm.mgid.com	jsc.mgid.com
5	x.bidswitch.net	5 redirects
5	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	pro.ip-api.com	cdn.simpleads.com.br d.liquidadserver.com.br
4	s-img.mgid.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	lqdads-7405.kxcdn.com	d.liquidadserver.com.br
3	adservice.google.ch	securepubads.g.doubleclick.net
3	dt.adsafeprotected.com
3	delivery.liquidadserver.com.br	d.liquidadserver.com.br
3	d.liquidadserver.com.br	ads.simpleads.com.br
3	sync.smartadserver.com	3 redirects
3	creatives.sascdn.com	ads.simpleads.com.br
3	fonts.googleapis.com	portalmanaus24h.com.br
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pre.glotgrx.com
2	static.adsafeprotected.com	pixel.adsafeprotected.com portalmanaus24h.com.br
2	pixel.adsafeprotected.com	ads.simpleads.com.br
2	pixel.yabidos.com	ads.simpleads.com.br pixel.yabidos.com
2	match.adsrvr.org	2 redirects
2	ads.betweendigital.com	2 redirects
2	eus.rubiconproject.com	cm.mgid.com ads.simpleads.com.br
2	secure-assets.rubiconproject.com	2 redirects
2	cdn.mgid.com	jsc.mgid.com
2	www.googletagmanager.com	ajax.cloudflare.com cdn.simpleads.com.br
2	connect.facebook.net	ajax.cloudflare.com connect.facebook.net
1	e242190ff3d686a186cd1a7e383f0141.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	1fed252caa561456b7cca9269320fc87.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a03b5dbf87b0687e5871df2969472973.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ced-ns.sascdn.com
1	c.mgid.com
1	cm.idealmedia.io
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	sync.admanmedia.com
1	cm.lentainform.com
1	cm.g.doubleclick.net	1 redirects
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	servicer.mgid.com	jsc.mgid.com
1	jsc.mgid.com	ajax.cloudflare.com
1	cdn.simpleads.com.br	ajax.cloudflare.com
1	ajax.cloudflare.com	portalmanaus24h.com.br
171	52

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
widgets.mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
cdn.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-04-27` - `2022-07-26`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-05` - `2021-11-04`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
ads.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2019-02-08` - `2021-02-07`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.admanmedia.com Go Daddy Secure Certificate Authority - G2	`2020-04-20` - `2021-06-19`	a year	crt.sh
*.sascdn.com DigiCert Secure Site ECC CA-1	`2020-10-14` - `2021-11-11`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
delivery.liquidadserver.com.br Let's Encrypt Authority X3	`2020-09-12` - `2020-12-11`	3 months	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-17` - `2021-06-17`	a year	crt.sh
*.google.ch GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Frame ID: 9F0E92EEDA53C2E3846263C4CCC6D670
Requests: 99 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201201/r20190131/zrt_lookup.html
Frame ID: F99DDB92D8ADAE843EF04B769E836CD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1607030596&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607030596656&bpp=13&bdt=2627&idt=233&shv=r20201201&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4939284701104&frm=20&pv=2&ga_vid=799505736.1607030597&ga_sid=1607030597&ga_hid=376536215&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067981&oid=3&pvsid=1076649700012079&pem=366&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X72ZvhMPcV&p=https%3A//portalmanaus24h.com.br&dtd=258
Frame ID: C297F951DFCA3D7496CE26E8370AA998
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1607030596&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607030596669&bpp=2&bdt=2640&idt=260&shv=r20201201&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4939284701104&frm=20&pv=1&ga_vid=799505736.1607030597&ga_sid=1607030597&ga_hid=376536215&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067981&oid=3&pvsid=1076649700012079&pem=366&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: 23410A284FC040C91DA40272D1B68456
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=160703059710876668725
Frame ID: 735882AA48298B3F58D6F20D49822F52
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 50674591894438269A856CA78319F926
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: AFFFDA974735448CD6537B2649E8357E
Requests: 1 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: 4432CDC039FADF05DC7C4D69A32FE7D0
Requests: 6 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: 49E2F8520D8637D567A2A874C43BC520
Requests: 6 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: 00F949151C77C8B3F00F54E464D90040
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C81C4AA863E89A659196D078D5C39943
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 2C2FD339D5DA7861E1B51A068DA5E339
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: F5FE26157EFC43697DFBD700B3C76BC4
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.4.114.js
Frame ID: DCC1AD74A3D5CDFE5E813B08377FC659
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBqC9e6HajtB5H2pY10BF5XVARjNrEc1ednoBh7wmyWC00JyZEIW6hh790DVbz6a6R0z_W9D2uQTF-zWnPlPPwiLor1mylVucFrhcoxj8bNEjhZcZqofMiXOIPu4u7JGEXOa4LICywTSVx1dL03X5AYFVp5vy5huiMXBtn4W_wmngaQQ0Z2S2aUu52rnqa6cH1TuoQt6iWNukKqOMuOMNDjCL6cnF22TZ0M3k40b0v7NNaJvfskxIyKr94EfStSX6zyZPT7v0GqgpnCu8sm6_4T6QirWBAj3kK1-phFgt853XHSc4RGl1cMZSnCD2dLTA4&sig=Cg0ArKJSzE_A4q4Lhu4eEAE&urlfix=1&adurl=
Frame ID: 8CE7E59603E955F8FD7549ED66F735DA
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss3TfATVj-4g0XH_x9ZJ7kww-lIb9J6ixICh-2SR4bpJDVb_B7N5Y_FMfQbJFs5R4nfg_zCvUEpmpykd8PPsLehOe3HCTJxo1kBESxCeoHpImCB4uhrMH_DTbL0wesMBFFAy3EM95o9RmmjOsOHVhT8_JtLbzUofuzNEb3as7lqdI9EgAWBid3-UrZ7-dPAaIps9iqLphxnj4bRdpys4e0K1HbDBx8Ef4eID1PzkSkKpgIA1vL4OrkGvXUXzrFUY4Ud38e1A33935qsNri_hDA8YF30M4UEjKlHrdl&sig=Cg0ArKJSzCllaZy5QQ56EAE&urlfix=1&adurl=
Frame ID: 9ACA14A7F292C30E63129C7A652A81CE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: E5D27F37A58628077D2924A91C140535
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 995D539B276CD09AC3EED3C352BD0503
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: EA0F21C987950E933F047763AC82B265
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 0F9EFC33DFAEC4AC209AE0E4E32598AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

171
Requests

99 %
HTTPS

46 %
IPv6

33
Domains

52
Subdomains

32
IPs

12
Countries

1897 kB
Transfer

5553 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portalmanaus24h
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalmanaus24h/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCw6yPx7ZXiDwdb1aVejW93A?view_as=subscriber
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=portalmanaus24h.com.br&utm_medium=referral&utm_campaign=widgets&utm_content=1037079

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3961825/i/57371692/0/pp/1/1?h=1e446W7B70qde7H1EpayY_qsq5gMRs3nUl8uWLYNfE_419RCV6-Nl71zRCqLrZp3&rid=c23ab151-35ad-11eb-bab9-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288128/i/57371692/0/pp/2/1?h=1e446W7B70qde7H1EpayYyWRMIyTNNAUKGA9XE6aD5ulIjNbPkmslK0GYFX3yJD4&rid=c23ab151-35ad-11eb-bab9-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4039677/i/57371692/0/pp/3/1?h=1e446W7B70qde7H1EpayY1QbXGkwmmwc7f6AaikIe0Oo6J7ZBGxklQ2zUPhJ-z4I&rid=c23ab151-35ad-11eb-bab9-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3887976/i/57371692/0/pp/4/1?h=1e446W7B70qde7H1EpayY4eSFrkbImAzewUBJGLvpyjaykeGGNwzAMfUqwH1wynT&rid=c23ab151-35ad-11eb-bab9-d094662f8ab5&tt=Direct&cpm=1&iv=11

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IzZzEyc1ZTcW5k&muidn=kb3g12sVSqnd HTTP 302
https://cm.mgid.com/google?muidn=kb3g12sVSqnd&google_ula={guid},5&google_gid=CAESEH2NRsLyWyNfPDNuKyVisW4&google_cver=1

Request Chain 60

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb3g12sVSqnd HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb3g12sVSqnd HTTP 302
https://sync.admanmedia.com/bidswitch.gif?puid=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&redir=[RED]

Request Chain 61

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=36910dc5-fea8-5253-b46b-3187eba266c2&ssp=mgid&expires=30&user_group=1 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&gdpr=&gdpr_consent=&us_privacy=

Request Chain 62

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=BNjSCRPpkacAVxQO90nT&pi=mgid&tc=1

Request Chain 63

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=50f60961-8b26-437a-bdf4-3e14d787c5c7&ttl=1609622597

Request Chain 66

https://ads.simpleads.com.br/2447/call HTTP 307
https://ads.simpleads.com.br/2447/call?cklb=1

Request Chain 77

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fads.simpleads.com.br%2Fsetuid%3Fuid%3D%5Bsas_uid%5D&cklb=1 HTTP 302
https://ads.simpleads.com.br/setuid?uid=4592133437634945862

Request Chain 78

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

Request Chain 90

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1

Request Chain 94

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1

Request Chain 101

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1

Request Chain 172

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d HTTP 302
https://ads.simpleads.com.br/setuid?uid=4592133437634945862

171 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request webApps_AplicationCpf.php Show response
portalmanaus24h.com.br/ 56 KB
9 KB 1196ms
1114ms Document
text/html 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: f56faba0d7bb9f2404e86c1b5466605e71bfa1e1ca858216dcdeb518c52411dc

Request headers

:method: GET
:authority: portalmanaus24h.com.br
:scheme: https
:path: /webApps_AplicationCpf.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:14 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d853539c36c9f6de1aa1aa53287730e871607030592; expires=Sat, 02-Jan-21 21:23:12 GMT; path=/; domain=.portalmanaus24h.com.br; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 06cc15ed960000c3038c915000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vtgS60LYFhJqEZbYrfi85C4Rkdlkky3BSc3DmNJ1%2BW3fg8WwIw79WkEKAW6UHhSxi5ZZrpyXy%2B0nh72uZ1r25gn7I72TsxGLQJNjqnd6RtYz%2FAC6A2ekRVNndqiAIWYuVxHQ"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fc058f5bcd3c303-FRA
content-encoding: br

GET
H2 200 6faef.css
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 1 MB
106 KB 2197ms
2196ms Stylesheet
text/css 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/6faef.css?f49ad
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4d2d805d488a3b87f0ff37d1d9dee6d7193939bc16c056afb133fa823226cd1

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06cc15f1f10000c3037a167000000001
last-modified: Thu, 03 Dec 2020 20:40:50 GMT
server: cloudflare
etag: W/"108029-5fc94d52-1cfb19bdd72b605a;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tIlOa%2F%2BesutCVI%2By%2BNXEFbXL3fjL9c2N0F%2F6VF6A7yR8mMWk1vEGDuGTuFDPu5jKC7DvFhqTk17tFzy2BCVlqzx%2B7ZE3K6TE0JGYWK1bC%2Boq3IzEIAM0QusX4MGRFsVSRDV0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fc058fcbb79c303-FRA
expires: Sat, 04 Dec 2021 03:23:14 GMT

GET
H2 200 logo-portal-200-x-50.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 7 KB
7 KB 28ms
28ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/logo-portal-200-x-50.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:14 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236876
content-length: 6865
cf-request-id: 06cc15f1f20000c30340ab9000000001
last-modified: Wed, 04 Nov 2020 16:12:10 GMT
server: cloudflare
etag: "1ad1-5fa2d2da-c463a7f6523411b4;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aJbKj6Nz0iBypdeEwTu7nrjaqvvCFewPg9XcdFPbFuQSEL5KsCBkgIIsszi8fBv%2FMOjd%2FjdVYQeaidBo9n0XpM9qQ9XMXfK4jo%2Bz4%2B%2BdcyOfCqIHIwXL39Bv2YnN2SRPOFFe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc058fcbb7ac303-FRA
expires: Wed, 01 Dec 2021 09:35:18 GMT

GET
H2 200 email-decode.min.js Show response
portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06cc15f1f20000c3034db08000000001
last-modified: Wed, 02 Dec 2020 12:50:47 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fc78da7-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SDw9me17hEqY3ZFAnGDWbrBdUU6tiTaAgOqAURrDhe63tXhSovCWyyC4UfRMPEBZUsTsJdWpyRBZ3ArwYQ8GEQz%2FEf0ifGyJHQfDmaiNJKhtU0uP%2B3PZM5ULUOUKpK1qB%2Bwp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fc058fcbb7dc303-FRA
expires: Sat, 05 Dec 2020 21:23:14 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 29ms
13ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 06cc15f20100006455ef9da000000001
last-modified: Wed, 02 Dec 2020 12:50:47 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fc78da7-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=49REHL%2BYodpV1%2BWIHAS1TgNSlpkPTXF%2FWRwHViDANoJSMAetXYVUn1lYrpJq97%2FG1jjAKM4Io3mFJ4KJj5Z1viGFTi6SuNSfPnsa8%2BePnVCdbwTcpMrBSU0tBDYst0Kj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fc058fcca766455-FRA
expires: Sat, 05 Dec 2020 21:23:14 GMT

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET 0b1c9.js
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
46 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81724ec786e2e903590c3fd527c64d0516b329e64c5ae431e16e9757e9e1d5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46827
x-xss-protection: 0
server: cafe
etag: 1572121017696315570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Dec 2020 21:23:16 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aceed70c84c9e64b4e9b4c5f64b680b36fd9caac300ae7b3218e383b57f305ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: TM94fyb4tem8SR1bCVhJYg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
etag: "c79c9d9daf151608a0411669cb8c5f4b"
x-fb-debug: JcWxsDdPr5pOXu9cc4QRGCOV8aU+0vHw3X97pFyk9NJXo0kC2GLdOZt4r4ht5CfmjfmikdZMct0kFQfIBd57BQ==
x-fb-trip-id: 664085054
x-fb-content-md5: bf1f21c0b0e86da682c20f5a71635ed5
x-frame-options: DENY
date: Thu, 03 Dec 2020 21:23:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 03 Dec 2020 21:34:45 GMT

GET
H2 200 show.js Show response
cdn.simpleads.com.br/v2/s321679/p1144737/ 3 KB
2 KB 55ms
6ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine / PHP/5.6.29

Resource Hash

6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edge-location: defr
x-powered-by: PHP/5.6.29
x-cache: HIT
content-length: 1487
x-shield: active
server: keycdn-engine
etag: "16588bd9df4256d00eaf8c21f90747f4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
link: <http://tag.simpleads.com.br/v2/s321679/p1144737/show.js>; rel="canonical"
expires: Thu, 03 Dec 2020 22:23:16 GMT

GET
H2 200 portalmanaus24h.com.br.1037079.js Show response
jsc.mgid.com/p/o/ 208 KB
55 KB 79ms
39ms Script
text/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 2264
cf-polished: origSize=213131
last-modified: Fri, 20 Nov 2020 13:55:40 GMT
x-amz-request-id: 6A94EFC4FAC62DF1
x-amz-id-2: jWvldrtEcP1sl/3DpJ1PTgc978l7Kec+vulmSQBzCG0JF/O0mDFXXVUq0IkeMfJ/QbXdgVG8Hkg=
cf-bgj: minify
server: cloudflare
etag: W/"d4ce96bfbfcd049163f9b45f5000cad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 06cc15faf60000cc3e078ae000000001
cf-ray: 5fc0590b2b7bcc3e-ZRH
expires: Fri, 04 Dec 2020 00:23:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 44ms
22ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38695
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Dec 2020 21:23:16 GMT

GET
H2 200 jquery.js Show response
portalmanaus24h.com.br/wp-includes/js/jquery/ 95 KB
32 KB 22ms
21ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-includes/js/jquery/jquery.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 389195
cf-polished: origSize=96873
cf-bgj: minify
cf-request-id: 06cc15fac40000c30387bd1000000001
last-modified: Wed, 04 Nov 2020 14:05:22 GMT
server: cloudflare
etag: W/"17a69-5fa2b522-4a0f1b1f2e607d36;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x8Q4bdKqbf61BSRWL3%2FquXV49XQQWL4K8Vk3QvytrRpjvCbfAqCXQnl4xhkucChXgJk1J4XomOc%2FfbLHVS%2B9q2U4nN3XXlg8d%2FxuayTbv7YUu0fUSmlGq6I%2F933b4mtLBReM"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fc0590add92c303-FRA
expires: Mon, 29 Nov 2021 15:16:41 GMT

GET
H2 200 webfontloader.min.js Show response
portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 18ms
17ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 283174
cf-request-id: 06cc15fac40000c303a7247000000001
last-modified: Wed, 04 Nov 2020 14:05:50 GMT
server: cloudflare
etag: W/"2f42-5fa2b53e-5975bb5f335f005e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=58OALTrS0SmDuzSOjRNBMT8ZaqbPskM0h%2FLo4TU%2FOLa0nDeCvlbsAw3yOlyHT2URJOrT4PcrOFpzigWkFE%2BNiJndgs8NzA%2B6a3zEnUBzTVpbmLX2Igy8Hgwc3TovOK3dfa89"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fc0590add95c303-FRA
expires: Tue, 30 Nov 2021 20:43:42 GMT

GET
H2 200 teatro-amazonas-Copia-300x225.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 9 KB
10 KB 13ms
13ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/teatro-amazonas-Copia-300x225.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/6faef.css?f49ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b

Request headers

Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/6faef.css?f49ad
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 236875
content-length: 9627
cf-request-id: 06cc15facd0000c3033c187000000001
last-modified: Wed, 04 Nov 2020 16:26:57 GMT
server: cloudflare
etag: "259b-5fa2d651-c4603b825ee32933;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QKP72FWES3hjWJmZeLTO43tE1NuGS6r%2FhYGiM3rNf%2BFeOvBjyXS0WH2EJJtEsiYNzgloRsbCVrDvj7X6ZdfTStGrY1x3UAgQCwwD9cG0lm%2FCnPb%2BNAXZjrxAGSCrgqq71Enm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc0590aedafc303-FRA
expires: Wed, 01 Dec 2021 09:35:21 GMT

GET
H2 200 newspaper.woff
portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/ 122 KB
67 KB 29ms
28ms Font
application/font-woff 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/6faef.css?f49ad
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/6faef.css?f49ad
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 332611
cf-request-id: 06cc15fad10000c30340b84000000001
last-modified: Wed, 04 Nov 2020 14:06:50 GMT
server: cloudflare
etag: W/"1e8ec-5fa2b57a-cc7a1c15277c6427;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eQrge89%2BkDxNd2QYzcTV4UCnKybF3KCY2MzueXKJYsCdPDzbQ2LaRlj8O1vqtudMJ6zrZuDkgDAN4Afv1HNimu9%2Bm7MLeftWbIGr3D12SKW8I1fDxX0UMqmQmsvcZcqQdd0A"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fc0590aedbcc303-FRA
expires: Tue, 30 Nov 2021 06:59:45 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/ 234 KB
88 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13f17d7843d7a9ee52fffe1b5fe5b01c6783df19cc3d96ca06fc5e506be2849f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89525
x-xss-protection: 0
server: cafe
etag: 7078011296875330819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 03 Dec 2020 21:23:16 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201201/r20190131/ Frame F99D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201201/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201201/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 03 Dec 2020 00:42:37 GMT
expires: Thu, 17 Dec 2020 00:42:37 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 74439
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 19:37:37 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Thu, 03 Dec 2020 21:23:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
622 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 19:26:17 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Thu, 03 Dec 2020 21:23:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:16 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 33ms
31ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 2230
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fc0590dc865cc3e-ZRH
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06cc15fc9c0000cc3e340e9000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 css
fonts.googleapis.com/ 16 KB
1 KB 43ms
30ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 21:23:16 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Thu, 03 Dec 2020 21:23:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:16 GMT

OPTIONS
H/1.1 200
OK /
pro.ip-api.com/json/ Frame 0
0 73ms
23ms Other 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=BRsrCTcgCy7FxIl
Protocol: HTTP/1.1
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 7200
Date: Thu, 03 Dec 2020 21:23:16 GMT
Content-Length: 0

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 263 B
419 B 24ms
24ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=BRsrCTcgCy7FxIl
Requested by: Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a6211418bb7dc1d352bd094483e16c5afc8c23eac7b1655cbb9b593a6392f411

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 03 Dec 2020 21:23:16 GMT
Content-Length: 263
Content-Type: application/json; charset=utf-8

GET
H2 200 0b1c9.js Show response
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 315 KB
69 KB 3212ms
3212ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/0b1c9.js?8e94c
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fee76f6ff393fe14f3aafa98d42398526d12630d71e26876e84794c760730a7

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06cc15fcc50000c30336364000000001
last-modified: Wed, 02 Dec 2020 20:38:01 GMT
server: cloudflare
etag: W/"4eaa4-5fc7fb29-3c7ee31c25f93329;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ppx0bgoFDVUGGJE0VS64JqCsYn1vy2zw75dfoaUml5R62lcpfYivPwtWQj%2FxbH8w6VNlBqbGjtZ4XkApm%2BvYopYFkke3haAMeCvOQhzjZFe0bItUbStsFt44Csi%2BbdhklXwm"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fc0590e0c91c303-FRA
expires: Sat, 04 Dec 2021 03:23:18 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 32ms
12ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 19:41:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 92499
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 02 Dec 2021 19:41:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 30ms
11ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 33300
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 03 Dec 2021 12:08:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 23:06:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 80219
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 02 Dec 2021 23:06:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 24ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 187371
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
13 KB 34ms
21ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 09:05:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 44246
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 03 Dec 2021 09:05:50 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1037079/ 3 KB
2 KB 78ms
77ms Script
application/x-javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1037079/1?w=1600&h=406&cols=2&pv=5&cbuster=1607030596877944154762&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&lu=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&pageView=1&pvid=1762a7ce50e89aec547&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f55ae2ed8904dcd7d4758bb757503ff9bb88170ebb203651d225b051ee0dbf0

Request headers

Referer: https://portalmanaus24h.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc0590e99adcc3e-ZRH
cf-request-id: 06cc15fd1d0000cc3e2918a000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 195 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=e9b47dd733c3c80e605769a436027955&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72972880727ed7c0ad089a13a3074502ddb04f697ba4d724d6bf2b4e34dc1dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: mGZGJXa42k9FQD2+kikgmw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60132
etag: "8f02e0d7aa34452561e323579c86527e"
x-fb-debug: 6gxxNsJuag5IiQXhr/B5hL+Yk6cYZdbS9AIQ66VsVde+7KTqS9rGUTVllFEN9IDHDLtuNUrKufO136VLQkJ+ZQ==
x-fb-trip-id: 664085054
x-fb-content-md5: 0e47e7298b04f4c923640066b32d463c
x-frame-options: DENY
date: Thu, 03 Dec 2020 21:23:16 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Fri, 03 Dec 2021 18:34:28 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 16:29:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 104011
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 02 Dec 2021 16:29:45 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 18:45:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 95856
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Thu, 02 Dec 2021 18:45:40 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
648 B 88ms
32ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portalmanaus24h.com.br&callback=_gfp_s_&client=ca-pub-3689238491183238

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b2dd19f3efac98dd3ef1539d85e40be27ec4419357ed3cb9e1121caef0957b4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 35ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C297 0
0 163ms
163ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1607030596&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607030596656&bpp=13&bdt=2627&idt=233&shv=r20201201&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4939284701104&frm=20&pv=2&ga_vid=799505736.1607030597&ga_sid=1607030597&ga_hid=376536215&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067981&oid=3&pvsid=1076649700012079&pem=366&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X72ZvhMPcV&p=https%3A//portalmanaus24h.com.br&dtd=258

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1607030596&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607030596656&bpp=13&bdt=2627&idt=233&shv=r20201201&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4939284701104&frm=20&pv=2&ga_vid=799505736.1607030597&ga_sid=1607030597&ga_hid=376536215&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067981&oid=3&pvsid=1076649700012079&pem=366&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=X72ZvhMPcV&p=https%3A//portalmanaus24h.com.br&dtd=258
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Dec 2020 21:23:17 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 03-Dec-2020 21:38:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Dec 2020 21:23:17 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:16 GMT

GET
H/1.1 200
OK smart.js Show response
ads.simpleads.com.br/tag/2447/ 32 KB
12 KB 464ms
145ms Script
application/javascript 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/tag/2447/smart.js
Requested by: Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
cache-control: public,max-age=300
transfer-encoding: chunked
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
28 KB 44ms
30ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q83CDM

Requested by

Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28205
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Dec 2020 21:23:16 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2341 0
0 97ms
95ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1607030596&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607030596669&bpp=2&bdt=2640&idt=260&shv=r20201201&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4939284701104&frm=20&pv=1&ga_vid=799505736.1607030597&ga_sid=1607030597&ga_hid=376536215&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067981&oid=3&pvsid=1076649700012079&pem=366&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1607030596&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1607030596669&bpp=2&bdt=2640&idt=260&shv=r20201201&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4939284701104&frm=20&pv=1&ga_vid=799505736.1607030597&ga_sid=1607030597&ga_hid=376536215&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C21067981&oid=3&pvsid=1076649700012079&pem=366&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=272
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 03 Dec 2020 21:23:17 GMT
server: cafe
content-length: 3263
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 03-Dec-2020 21:38:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 03 Dec 2020 21:23:17 GMT
cache-control: private

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 19:41:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 92499
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 02 Dec 2021 19:41:37 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 22:38:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 168304
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 22:38:12 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 187371
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 33300
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 03 Dec 2021 12:08:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 23:06:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 80219
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 02 Dec 2021 23:06:17 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 10:07:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 126957
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 02 Dec 2021 10:07:19 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 10:07:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 126957
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Thu, 02 Dec 2021 10:07:19 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
969 B 24ms
24ms Image
image/svg+xml 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 2231
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fc0590ffc0ecc3e-ZRH
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06cc15fdf90000cc3e23afa000000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
686 B 74ms
73ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1607030597104848075743
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa243afbc317b2c87f1b1345dc7f846218336de7aa667ce94daf527f09ff23b

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 85742dcb-18fe-42e8-bf59-f2c931b095da
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc0590ffc1bcc3e-ZRH
cf-request-id: 06cc15fe000000cc3e3e03f000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 7358 19 B
291 B 83ms
82ms Script
application/javascript 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=160703059710876668725
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: dc6743ba-3315-4e68-9184-8464f3195308
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc059100c24cc3e-ZRH
cf-request-id: 06cc15fe030000cc3ec8b6e000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp
s-img.mgid.com/g/3961825/492x277/0x0x806x537/ 12 KB
13 KB 35ms
32ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3961825/492x277/0x0x806x537/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzhlOTk5ZTQxOWMzODI5NGI0ODg3MmM1MjQwNWZiNjNiLmpwZWc.webp?v=1607030596-yJQo7y1vd-HvYLvZ3gmfmSvAjSP-5x2gjtzM4ivyrq8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705a9f0ca095bdb7fe9def103eda3f1930388f4ebbdf798f1c90f207c4469990

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:16 GMT
x-mg-request-uuid: 674abecc-228f-4aa4-83fb-c8abc8142d30
age: 2478018
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fc059100c36cc3e-ZRH
content-length: 12682
cf-request-id: 06cc15fe0b0000cc3ef1969000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/492x277/0x155x900x600/ 6 KB
7 KB 26ms
24ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/492x277/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1607030596-w6hRgPUvGr7HbWcdxWtKF48253cEy9A_dGa5v6ypH-Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951829f961ddc3f982de69c0520536e6c18b00992a95003ea88a26562c83730f

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:50 GMT
x-mg-request-uuid: b6017ebc-c6b8-441c-9f11-4ba6f5d6cf58
age: 2494992
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fc059100c31cc3e-ZRH
content-length: 6640
cf-request-id: 06cc15fe090000cc3eca063000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp
s-img.mgid.com/g/4039677/492x277/44x0x754x502/ 16 KB
16 KB 32ms
30ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4039677/492x277/44x0x754x502/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2QwNzk3MzE5MWIyZTg4ZmE2Yjk1NDM3MzY1YWQ5ODMxLmpwZWc.webp?v=1607030596-T-NFQELIfQNXyJ_QqN8Ysp4srI-CSr0Y0jGoMv9VIKA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c5e7b80ad5c22cb2d5eaf0a13d89ce677e9977efb924f9deb1b53b29d135a53

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:24 GMT
x-mg-request-uuid: de9fbc7d-822c-44a1-aa64-a6e015f4c6a8
age: 2477550
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fc059100c32cc3e-ZRH
content-length: 16084
cf-request-id: 06cc15fe0a0000cc3eee2ee000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2JiNDc3Mjc2ZjlmZTgxNDQ0ZTVjMjg5ZTRiZWVlMDVhLmpwZWc.webp
s-img.mgid.com/g/3887976/492x277/41x0x829x552/ 23 KB
23 KB 27ms
25ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3887976/492x277/41x0x829x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2JiNDc3Mjc2ZjlmZTgxNDQ0ZTVjMjg5ZTRiZWVlMDVhLmpwZWc.webp?v=1607030596-PLsri2KfpwbeEHD8hUTVXjlRyx7XgNlQo3tEuUNRNDw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227d79b694635ef742a9ec1b7e07ad5ef552ad0f9300623c368f53be17d15e63

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:02 GMT
x-mg-request-uuid: 3991dcd3-055f-4a94-ae60-744d93535862
age: 2498501
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fc059100c34cc3e-ZRH
content-length: 23086
cf-request-id: 06cc15fe0a0000cc3ecfb0c000000001
server: cloudflare

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 5067
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

82ms
27ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1607030597104848075743
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Dec 2020 21:23:17 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Thu, 03 Dec 2020 21:23:17 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IzZzEyc1ZTcW5k&muidn=kb3g12sVSqnd
https://cm.mgid.com/google?muidn=kb3g12sVSqnd&google_ula={guid},5&google_gid=CAESEH2NRsLyWyNfPDNuKyVisW4&google_cver=1

0
258 B

73ms
72ms

Image
text/plain

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=kb3g12sVSqnd&google_ula={guid},5&google_gid=CAESEH2NRsLyWyNfPDNuKyVisW4&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc059110e31cc3e-ZRH
cf-request-id: 06cc15fea70000cc3ecfb1b000000001

Redirect headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=kb3g12sVSqnd&google_ula={guid},5&google_gid=CAESEH2NRsLyWyNfPDNuKyVisW4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
558 B 130ms
85ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=kb3g12sVSqnd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fc05910b8a32397-ZRH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06cc15fe7800002397ce95c000000001

GET
H/1.1

204
No Content

bidswitch.gif
sync.admanmedia.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb3g12sVSqnd
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb3g12sVSqnd
https://sync.admanmedia.com/bidswitch.gif?puid=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&redir=[RED]

0
103 B

335ms
112ms

Image
text/plain

88.214.205.108
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.admanmedia.com/bidswitch.gif?puid=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&redir=[RED]
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.214.205.108 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 03 Dec 2020 21:23:17 GMT
Server: nginx

Redirect headers

location: //sync.admanmedia.com/bidswitch.gif?puid=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&redir=[RED]
date: Thu, 03 Dec 2020 21:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dmgid%26expires%3D30%26user_group%3D%24%7BU...
https://x.bidswitch.net/sync?dsp_id=429&user_id=36910dc5-fea8-5253-b46b-3187eba266c2&ssp=mgid&expires=30&user_group=1
https://cm.mgid.com/m?cdsp=433145&c=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&gdpr=&gdpr_consent=&us_privacy=

43 B
242 B

78ms
78ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 381e252b-0b5e-49c2-962b-9e47cc42fb22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc059121fffcc3e-ZRH
cf-request-id: 06cc15ff520000cc3ecd249000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=b039302c-2ffc-479e-b7cc-ea8d57e5d4a7&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 03 Dec 2020 21:23:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=BNjSCRPpkacAVxQO90nT&pi=mgid&tc=1

43 B
359 B

78ms
78ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=BNjSCRPpkacAVxQO90nT&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3b6acc8a-6022-460d-809b-754afc5cefea
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc059117ebdcc3e-ZRH
cf-request-id: 06cc15fee80000cc3e46892000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=BNjSCRPpkacAVxQO90nT&pi=mgid&tc=1
pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT, Thu, 03 Dec 2020 21:23:17 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=50f60961-8b26-437a-bdf4-3e14d787c5c7&ttl=1609622597

43 B
225 B

86ms
86ms

Image
image/gif

104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=50f60961-8b26-437a-bdf4-3e14d787c5c7&ttl=1609622597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3451169a-8095-40c9-849c-a1424e9054e6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc05911bf32cc3e-ZRH
cf-request-id: 06cc15ff100000cc3e0331d000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=50f60961-8b26-437a-bdf4-3e14d787c5c7&ttl=1609622597
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 116ms
73ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=kb3g12sVSqnd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fc05910bee423c7-ZRH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06cc15fe77000023c7c0859000000001

OPTIONS
H/1.1 200
OK call
ads.simpleads.com.br/2447/ Frame 0
0 442ms
146ms Other 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call
Protocol: HTTP/1.1
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 03 Dec 2020 21:23:17 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://portalmanaus24h.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H/1.1

200
OK

call Show response
ads.simpleads.com.br/2447/
Redirect Chain

https://ads.simpleads.com.br/2447/call
https://ads.simpleads.com.br/2447/call?cklb=1

5 KB
2 KB

150ms
150ms

XHR
application/json

199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call?cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 93146300e655f6e7270fd711c49d957ef723669ee19bfb46f21ff9086cfb8a19

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

Redirect headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
location: https://ads.simpleads.com.br/2447/call?cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

OPTIONS
H/1.1 200
OK call
ads.simpleads.com.br/2447/ Frame 0
0 146ms
146ms Other 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call?cklb=1
Protocol: HTTP/1.1
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 03 Dec 2020 21:23:17 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://portalmanaus24h.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 c
c.mgid.com/ 43 B
360 B 124ms
117ms Image
image/gif 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=784|184|8|1e446W7B70qde7H1EpayYyWRMIyTNNAUKGA9XE6aD5ulIjNbPkmslK0GYFX3yJD4&fw=1&extjs=66044&v=784|185|8|1e446W7B70qde7H1EpayY4eSFrkbImAzewUBJGLvpyjaykeGGNwzAMfUqwH1wynT&v=784|185|8|1e446W7B70qde7H1EpayY1QbXGkwmmwc7f6AaikIe0Oo6J7ZBGxklQ2zUPhJ-z4I&v=784|184|8|1e446W7B70qde7H1EpayY_qsq5gMRs3nUl8uWLYNfE_419RCV6-Nl71zRCqLrZp3&cid=1037079&h2=RzmfZhvBhvrigr5pmFTSMmmQxV2Yf0rUxqfPrlk_5TM*&rid=c23ab151-35ad-11eb-bab9-d094662f8ab5&tt=Direct&pageImp=1&muid=kb3g12sVSqnd&cbuster=160703059826673217891&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:18 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 387693d0-341f-4c29-a11e-f61e9662e668
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fc0591759e6cc3e-ZRH
cf-request-id: 06cc1602930000cc3e28858000000001
server: cloudflare

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 345 B
1 KB 3193ms
3192ms Script
application/javascript 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52896&tag=smp_52896&tmstp=4561101860&visit=S&uii=396985035519360915&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=9592408%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: f5f7d4c5edb8e6c7edc69f46ba7d8054a4d75996694fb428dfc37185fadb964e

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:20 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 25 KB
9 KB 416ms
142ms Script
application/javascript 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=4561101860&visit=S&uii=396985035519360916&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 2a1be071b0b0d0f1f9ae6a4b6906c00d3a0a7705bccef6877b1ddeb8e1a7447f

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055129
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 16 KB
5 KB 417ms
142ms Script
application/javascript 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=4561101860&visit=S&uii=396985035519360917&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e74687592ba81e0f2cd62a8983d9c06999625ea80dd13b7257065358ef5afd1d

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9024423
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 15 KB
4 KB 421ms
144ms Script
application/javascript 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=4561101860&visit=S&uii=396985035519360918&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: c5cbf7daa641c5c5c1339e0e89333ea8200a4b7a940e669caa522f2089a02e8e

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055518
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
435 B 419ms
139ms Image
image/gif 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52025&tmstp=4561101860&visit=S&uii=396985035519360919&acd=1607030598306&ckid=6494949175492125638&pubid=21&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d8152%3b%24qt%3d73_4138_117804t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=8226534248
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:18 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
435 B 422ms
140ms Image
image/gif 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52893&tmstp=4561101860&visit=S&uii=396985035519360920&acd=1607030598306&ckid=6494949175492125638&pubid=21&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d8152%3b%24qt%3d73_4138_117804t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=1630051141
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:17 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
435 B 143ms
141ms Image
image/gif 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52895&tmstp=4561101860&visit=S&uii=396985035519360921&acd=1607030598306&ckid=6494949175492125638&pubid=21&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d8152%3b%24qt%3d73_4138_117804t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=9983358792
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:18 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK dhtml-ad-simpleads-ads-05-beta4.js Show response
creatives.sascdn.com/diff/2447/6880103/ 14 KB
4 KB 50ms
13ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=4561101860&visit=S&uii=396985035519360917&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 13:31:13 GMT
Server: Apache
ETag: "64cb55210c8391cc9ffb3a0c84bf565d:1568899873"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4022
Expires: Fri, 03 Dec 2021 21:23:18 GMT

GET
H/1.1

200
OK

setuid
ads.simpleads.com.br/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fads.simpleads.com.br%2Fsetuid%3Fuid%3D%5Bsas_uid%5D&cklb=1
https://ads.simpleads.com.br/setuid?uid=4592133437634945862

0
315 B

139ms
139ms

Image
text/plain

199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/setuid?uid=4592133437634945862
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:19 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://ads.simpleads.com.br/setuid?uid=4592133437634945862
date: Thu, 03 Dec 2020 21:23:20 GMT
content-length: 0

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame AFFF
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

0
0

27ms
27ms

Document
text/html

184.30.212.16
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=4561101860&visit=S&uii=396985035519360916&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.212.16 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-16.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: khaos=KI9CIWZH-12-47QL; pux=1512%3D95758%262249%3D95758%262307%3D95758%263778%3D95758%26goog%3D95758%26idl%3D95758%262249-DV360-Hosted%3D95758%26brx%3D95758%26; audit=1|afTMENOtBshO3boeSh89ujj4tYvmln6UTyKXcATt6ZV6eP0zD2PV8EwbcyswzOiSd0oX0hxtI3bqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Dec 2020 21:23:18 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date: Thu, 03 Dec 2020 21:23:18 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame 4432 177 KB
55 KB 59ms
32ms Script
application/javascript 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=4561101860&visit=S&uii=396985035519360916&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06cc1604bf0000d6c9121bf000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LsVEAzhI6jSbNQVSwaX02zIatjxt1ffZSCqAAUiyNzAbGw%2FtsvYBFBdfx%2BmvcxmXDhLRTf7IDz90EJ31kFqjz3lw3eVj4FMXgzbvP%2FMSEsC53fC63Zbmm7%2BF7c7ENmeqUzjaDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fc0591ac9fbd6c9-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Thu, 10 Dec 2020 21:23:18 GMT

GET
H/1.1 200
OK sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js Show response
creatives.sascdn.com/diff/2447/6880103/ 18 KB
5 KB 52ms
21ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=4561101860&visit=S&uii=396985035519360916&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:18 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Sep 2020 15:46:25 GMT
Server: AkamaiNetStorage
ETag: "b904ac1715c52a81ea6d60f6d99141c8:1601480785.399798"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5176
Expires: Fri, 03 Dec 2021 21:23:18 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 75ms
35ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055129&nai=52026&adtg=smp_52026&si=321679&ip=185.156.175.107&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1418337901&di=
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=4561101860&visit=S&uii=396985035519360916&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 3361
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fc0591afca1cc5a-ZRH
content-length: 1146
cf-request-id: 06cc1604db0000cc5a430e0000000001
expires: Thu, 03 Dec 2020 23:23:18 GMT

GET
H/1.1 200
OK sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js Show response
creatives.sascdn.com/diff/2447/6880103/ 8 KB
3 KB 41ms
13ms Script
application/x-javascript 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=4561101860&visit=S&uii=396985035519360918&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Apr 2020 19:54:21 GMT
Server: AkamaiNetStorage
ETag: "20736de8ce69da81b561b8d000b50604:1587671661"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2548
Expires: Fri, 03 Dec 2021 21:23:18 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame 49E2 177 KB
55 KB 47ms
29ms Script
application/javascript 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=4561101860&visit=S&uii=396985035519360918&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06cc1604c00000d6c9e69fc000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ytLaMB0yJf%2F7rjzp7og5Dir%2BNHJNciGO%2BHf8kuR2GGkWcvTHQv1ejYcafbaRD9ED%2BGrVLEriZvix806Kl%2B0QoZVfpuH3PYWqVGl%2BIe7ol3cI86EbgGB%2FEPN%2Bl6a9RAwT7JUkYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fc0591ac9ffd6c9-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Thu, 10 Dec 2020 21:23:18 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ 46 KB
13 KB 163ms
72ms Script
application/javascript 54.154.162.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=924444&campId=52027&pubId=2447&chanId=https%3a%2f%2fportalmanaus24h.com.br&dealId=8055518&ias_adpath=%23smp_52027
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=4561101860&visit=S&uii=396985035519360918&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.162.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-162-165.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f509b7ad83d463e6e18b952f75d6d5e034587e2bb1e9d570875d6fa431a70f72

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: gzip
x-server-name: app11.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame 00F9 177 KB
54 KB 32ms
31ms Script
application/javascript 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=4561101860&visit=S&uii=396985035519360917&acd=1607030598306&ckid=6494949175492125638&async=1&pubid=21&systgt=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D8152%3B%24qt%3D73_4138_117804t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&noadcbk=sas.noad&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06cc1604dd0000d6c93a20b000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E6aMpzEdUCmQbRGhGFnpaVLvsjnlZs59cRTR090aVILIH9m7Mn45SmyLQuozpIMReAmoyV69PzPZlHJov0PE7mO5TflgsdxhrYDT3D52RNghgVdxb1PJpuFiUaO3DfMVVvRE2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fc0591afa48d6c9-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Thu, 10 Dec 2020 21:23:18 GMT

GET
H2 404 webApps_AplicationCpf.php
portalmanaus24h.com.br/ 56 KB
56 KB 1106ms
1105ms Image
text/html 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: c5b5276689f3fe36ee4e23627e6192dd1330ba5213436cc078f489ec54b1cf7e

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.11
x-litespeed-cache: hit
cf-request-id: 06cc1604e40000c30352ba9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xayZVPdP9TNRCg%2BzjhiDEmC%2BGOxV7pH%2Fbf5pxJwUWLNm6s35k2UFFtt5peF9Brm%2BBcIughV3VR3CSByT9aA51BR7zGVi%2Bd8HNU9lSEKJkn%2B%2BNKLArnjyFF5OHrEjQjmdINMv"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 5fc0591b0e77c303-FRA
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 556 B
556 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C81C 54 KB
19 KB 88ms
33ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

61ff9367a4398f81adf15029d4dde8dd895275de0ab2f88c4d5d548090e29b38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "713 / 313 of 1000 / last-modified: 1607024068"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18626
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:18 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame C81C 1 KB
1 KB 106ms
36ms Script
application/x-javascript 172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 04 Dec 2020 21:23:18 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame C81C
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1

43 B
589 B

45ms
45ms

Image
image/gif

172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK close_54x54.png
ced-ns.sascdn.com/diff/templates/images/ 1 KB
2 KB 122ms
39ms Image
image/png 2.16.186.107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close_54x54.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.107 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-107.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:19 GMT
Last-Modified: Thu, 20 Mar 2014 16:32:28 GMT
Server: Apache
ETag: "70c31bd388f7006acdb8aa3d4bcbe99a:1395333148"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1351

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2C2F 53 KB
18 KB 81ms
33ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

6498e6cd623c0b02d27dcaa293fe8f06c1caab598e594a4e1865c3b62db68488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "713 / 992 of 1000 / last-modified: 1607024001"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18406
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:18 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 2C2F 1 KB
1 KB 140ms
47ms Script
application/x-javascript 172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 04 Dec 2020 21:23:19 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame 2C2F
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1

43 B
589 B

39ms
39ms

Image
image/gif

172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 49E2 263 B
419 B 24ms
24ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a6211418bb7dc1d352bd094483e16c5afc8c23eac7b1655cbb9b593a6392f411

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 03 Dec 2020 21:23:18 GMT
Content-Length: 263
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 4432 263 B
419 B 45ms
24ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a6211418bb7dc1d352bd094483e16c5afc8c23eac7b1655cbb9b593a6392f411

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 03 Dec 2020 21:23:19 GMT
Content-Length: 263
Content-Type: application/json; charset=utf-8

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 24ms
23ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1607030598954&ver1=2.2.3&qid=034393f5534393f5734363&rnd=uk5v8u1frwgl&cid=647
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055129&nai=52026&adtg=smp_52026&si=321679&ip=185.156.175.107&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1418337901&di=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 3360
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fc0591b9ddfcc5a-ZRH
content-length: 23972
cf-request-id: 06cc1605430000cc5a2ca2e000000001
expires: Thu, 03 Dec 2020 23:23:18 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 00F9 263 B
419 B 58ms
23ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: a6211418bb7dc1d352bd094483e16c5afc8c23eac7b1655cbb9b593a6392f411

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 03 Dec 2020 21:23:19 GMT
Content-Length: 263
Content-Type: application/json; charset=utf-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame F5FE 53 KB
18 KB 40ms
40ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

6498e6cd623c0b02d27dcaa293fe8f06c1caab598e594a4e1865c3b62db68488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "713 / 58 of 1000 / last-modified: 1607024001"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18406
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame F5FE 1 KB
1 KB 73ms
39ms Script
application/x-javascript 172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 04 Dec 2020 21:23:19 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame F5FE
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1

43 B
589 B

49ms
49ms

Image
image/gif

172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=4561101860&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.gr.19.8.148.js Show response
static.adsafeprotected.com/ 176 KB
56 KB 40ms
13ms Script
application/javascript 2600:9000:2190:d000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.148.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=924444&campId=52027&pubId=2447&chanId=https%3a%2f%2fportalmanaus24h.com.br&dealId=8055518&ias_adpath=%23smp_52027
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 22:36:17 GMT
content-encoding: gzip
age: 82022
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 02 Dec 2020 22:21:10 GMT
server: AmazonS3
etag: W/"759b8caa427845cb0f35061a0cbe8d07"
vary: Accept-Encoding
x-amz-version-id: jFlCPuWZb13F7XOq7x4jZr7K0ZmVQw0z
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: xMR5H9qa08pl_P3Ces10ypNuSrY4VKqp5mYgAu4ysThM3dvYlEXnvw==

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
445 B 28ms
12ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1607030599216&rnd=uk5v8u1frwgl&ifm=0&uai=2&cid=647&s=https%253A//portalmanaus24h.com.br&p=2447&x=SmartAdserver&adtg=smp_52026&ats=0&atf=smp_52026&nsi=&si=321679&nci=8055129&nai=52026&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 1269
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fc0591d4ea2d6b5-FRA
content-length: 26
cf-request-id: 06cc16064f0000d6b515b4b000000001
expires: Thu, 03 Dec 2020 23:23:19 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
114 B 33ms
17ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1607030599203469&ver=1.2r81&qid=034393f5534393f5734363&p=2447&s=https%253A//portalmanaus24h.com.br&x=SmartAdserver&cid=647&od1=&od2=&adtg=smp_52026&nci=8055129&nai=52026&si=321679&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=uk5v8u1frwgl&impid=&tps=41&ver1=2.2.3&di=&flcb=1418337901&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&ip=185.156.175.107&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=smp_52026&dbgcid=647&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=60&icp=https%253A//portalmanaus24h.com.br/webApps_AplicationCpf.php&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-4-s-fl-36-x-fl-13-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-9-nci-fl-7-nai-fl-5-si-fl-6-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-di-fl-0-flcb-fl-10-ua-fl-132-ip-fl-15-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_10_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 1263
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fc0591d4ea4d6b5-FRA
content-length: 26
cf-request-id: 06cc16064f0000d6b5718f5000000001
expires: Thu, 03 Dec 2020 23:23:19 GMT

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame 49E2 6 KB
2 KB 361ms
120ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=Switzerland&state=Zurich&city=Zurich&latitude=47.394&longitude=8.445&stid=e37c37c8503bf1322d650c811ccac696
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: 8d78d773e1062a0a555e852d17cc2a4e649b5da88e6ed8c9c6b932da54fc4b51

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:19 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16d7-YWL3U0/qOchqXMq5WnVBZMTuKqM"

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2C2F 277 KB
98 KB 81ms
48ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame C81C 0
528 B 49ms
48ms Image
text/plain 172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1607030599274&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 2C2F 0
528 B 40ms
39ms Image
text/plain 172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1607030599274&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&c9=
Requested by: Host: sb.scorecardresearch.com
URL: https://sb.scorecardresearch.com/beacon.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame F5FE 0
528 B 41ms
40ms Image
text/plain 172.227.80.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1607030599275&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.227.80.146 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a172-227-80-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F5FE 277 KB
98 KB 74ms
50ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 pubads_impl_2020120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C81C 278 KB
98 KB 68ms
50ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 09:38:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100031
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H2 200 sca.17.4.114.js Show response
static.adsafeprotected.com/ Frame DCC1 81 KB
22 KB 12ms
12ms Script
application/javascript 2600:9000:2190:d000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.4.114.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:d000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 28 Aug 2020 08:42:12 GMT
content-encoding: gzip
age: 8426467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 13 Jan 2020 23:54:54 GMT
server: AmazonS3
etag: W/"e456dd0e5be3c2494dd734db6c5b965c"
vary: Accept-Encoding
x-amz-version-id: gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z
via: 1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: ZRH50-C1
content-type: application/javascript
x-amz-cf-id: 7PcI3H0UCMdx7Tzi-8u7PWrE6pmSuhw6d6Caw1szokyhcsGKdMDoCA==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 56ms
55ms Image
image/gif 54.154.162.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=924444&campId=52027&pubId=2447&chanId=https%3a%2f%2fportalmanaus24h.com.br&dealId=8055518&ias_adpath=%23smp_52027&adsafe_url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&adsafe_type=abdfq&adsafe_jsinfo=,id:4df9fa51-c2c8-e09b-b4b5-6478eaa358c3,c:vRXjlS,sl:outOfView,em:false,fr:true,mn:app11ie,pt:1-5-15,wc:0.0.1600.1200,ac:-1000.2290.4.4,am:sp,cc:0.2290.1600.0,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,fm:si92CuW+1*.924444|11|12|13|14|15|16|17|18|19|1a|1b|1c|1d,idMap:1*,pl:,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,thd:1,et:347,oid:c3715235-35ad-11eb-a5c2-024bf4a6d028,v:19.8.148,sp:1,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.162.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-162-165.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:19 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 563ms
191ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=924444&asId=4df9fa51-c2c8-e09b-b4b5-6478eaa358c3&tv={c:vRXjmx,pingTime:-2,time:387,type:a,im:{sf:0,pom:1,prf:{beA:6168,beZ:6169,mfA:6474,cmA:6476,inA:6476,inZ:6484,prA:6484,prZ:6491,si:6515,poA:6515,poZ:6525,cmZ:6525,mfZ:6525,loA:6535,loZ:6536,ltA:6554,ltZ:6554}},env:{gca:false,cca:false,gca2:false},clog:[{piv:0,vs:o,r:r,w:4,h:4,t:346}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:387,n:0,pp:0,pm:0},slEvents:[{sl:o,t:345,wc:0.0.1600.1200,ac:-1000.2290.4.4,am:sp,cc:0.2290.1600.0,piv:0,obst:0,th:0,reas:r,bkn:{piv:[75~0],as:[75~4.4]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:si92CuW+1*.924444|11|12|13|14|15|16|17|18|19|1a|1b|1c|1d,idMap:1*,rmeas:1,rend:0,renddet:na,slid:[],sinceFw:39,readyFired:true}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:19 GMT
X-Server-Name: dt17sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame 4432 6 KB
2 KB 310ms
120ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=Switzerland&state=Zurich&city=Zurich&latitude=47.394&longitude=8.445&stid=e37c37c8503bf1322d650c811ccac696
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: f51c2c5ba5c512a7b46c40c1d37ac9f8c86486f99e8a840404b04c1357bf8619

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:19 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16d7-i6tMDn913lyKggBbJp+n1UaTf9s"

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 2C2F 109 B
803 B 125ms
40ms Script
application/javascript 2a00:1450:4010:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0f::9c Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2C2F 109 B
781 B 42ms
29ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2C2F 4 KB
3 KB 152ms
152ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2196103386598050&correlator=38296586724913&output=ldjh&impl=fifs&eid=21067995&vrg=2020111901&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201203&iu_parts=21713884182%2Cad_primeiro_impacto%2Cad_primeiro_impacto_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=480x320%7C580x400%7C1000x540%7C1024x768%7C640x480%7C1260x400%7C970x250&cookie=ID%3D28709e5ce075ec4e-22ab45bd80a600f4%3AT%3D1607030596%3ART%3D1607030596%3AS%3DALNI_MYZH4Uv_w4nHVXZmEcE915RuLTWbA&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1607030599&dt=1607030599490&dlt=1607030598914&idt=558&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=235222445&ucis=aqc5mwufyh76&ifi=1&ifk=3554347976&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=2085078927.1607030599&ga_sid=1607030599&ga_hid=1305474036&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e5b87bd63c6397347273f972559d5c635d7dc41e92beb05b67faa4c7a40b58bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2313
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138240942008
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a03b5dbf87b0687e5871df2969472973.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2C2F 0
0 70ms
38ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a03b5dbf87b0687e5871df2969472973.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame 00F9 6 KB
2 KB 264ms
117ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=Switzerland&state=Zurich&city=Zurich&latitude=47.394&longitude=8.445&stid=e37c37c8503bf1322d650c811ccac696
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: eb0f32de88a847b518bbc8563c70614c63341fa23232b00303e83c3fdf0a2f90

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 21:23:19 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"16d7-cJaj/tWU8lMmty7MEhstnLLMLXY"

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame C81C 109 B
169 B 63ms
41ms Script
application/javascript 2a00:1450:4010:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0f::9c Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame C81C 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C81C 4 KB
2 KB 183ms
183ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=163504464582508&correlator=4160370949577167&output=ldjh&impl=fifs&eid=21068927%2C21068480&vrg=2020120201&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201203&iu_parts=21713884182%2Cad_footer%2Cad_footer_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x66%7C980x90%7C980x120%7C750x100%7C960x90%7C468x60%7C970x90%7C950x90&cookie=ID%3D28709e5ce075ec4e-22ab45bd80a600f4%3AT%3D1607030596%3ART%3D1607030596%3AS%3DALNI_MYZH4Uv_w4nHVXZmEcE915RuLTWbA&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1607030599&dt=1607030599553&dlt=1607030598906&idt=628&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1291662414&ucis=fbc3b4gn58h8&ifi=1&ifk=3554347976&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=241454820.1607030600&ga_sid=1607030600&ga_hid=1225290933&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

df5d9f52683f6a8d5a7d1137b1376221524310e15f4e03593ab45495ffdd21bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2264
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138241122886
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1fed252caa561456b7cca9269320fc87.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame C81C 0
0 52ms
38ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1fed252caa561456b7cca9269320fc87.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame F5FE 109 B
169 B 41ms
40ms Script
application/javascript 2a00:1450:4010:c0f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0f::9c Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame F5FE 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F5FE 468 B
289 B 149ms
149ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3364053218927902&correlator=2757648573814793&output=ldjh&impl=fifs&eid=21068811&vrg=2020111901&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201203&iu_parts=21713884182%2Cad_slider%2Cad_slider_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x100%7C240x133%7C300x250%7C200x200%7C336x280%7C250x250%7C300x300%7C320x100&fluid=height&cookie=ID%3D28709e5ce075ec4e-22ab45bd80a600f4%3AT%3D1607030596%3ART%3D1607030596%3AS%3DALNI_MYZH4Uv_w4nHVXZmEcE915RuLTWbA&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1607030599&dt=1607030599568&dlt=1607030598878&idt=684&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1057568192&ucis=snh8d74vpawp&ifi=1&ifk=3554347976&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1894079634.1607030600&ga_sid=1607030600&ga_hid=707142362&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

8f0b720bd48796496b1a271bb1d90757f904bce7ba4eb32f3a27f106e9a053ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
e242190ff3d686a186cd1a7e383f0141.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F5FE 0
0 27ms
13ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://e242190ff3d686a186cd1a7e383f0141.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 49E2 43 B
855 B 351ms
287ms Fetch
image/gif 2606:4700:3033::6812:3ef4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIwOTM0NjRkMTdlZmMzOTIzOGE4ZGJlNTAwYWZhZDBiOSIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dlYkFwcHNfQXBsaWNhdGlvbkNwZi5waHAiLCJjb3VudHJ5IjoiU3dpdHplcmxhbmQiLCJjaXR5IjoiWnVyaWNoIiwic3RhdGUiOiJadXJpY2giLCJsYXRpdHVkZSI6IjQ3LjM5NCIsImxvbmdpdHVkZSI6IjguNDQ1Iiwic3RpZCI6ImUzN2MzN2M4NTAzYmYxMzIyZDY1MGM4MTFjY2FjNjk2IiwiZXZlbnQiOiJyZXF1ZXN0In0.6xGevQCH-5cgFMd-Evs5WopMrNynYPuEVMzRXSoBdxA
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3ef4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06cc160810000032c82c2b7000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N8YNn2A9VLQp3ntnt0oW93YyCnMQ5PsCwUvH2SNLypto1gbdZ4zoC%2BA1oLLs%2BRcye4LR5MKm5SaGvMvZKOAU4oxrZC1%2FjI15NmCd3vws2O6ird1Ck22yj6%2B3C8tsTrkouSa3X3n%2BTzhmHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fc059201c4532c8-CDG
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 49E2 43 B
538 B 335ms
327ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIwOTM0NjRkMTdlZmMzOTIzOGE4ZGJlNTAwYWZhZDBiOSIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dlYkFwcHNfQXBsaWNhdGlvbkNwZi5waHAiLCJjb3VudHJ5IjoiU3dpdHplcmxhbmQiLCJjaXR5IjoiWnVyaWNoIiwic3RhdGUiOiJadXJpY2giLCJsYXRpdHVkZSI6IjQ3LjM5NCIsImxvbmdpdHVkZSI6IjguNDQ1Iiwic3RpZCI6ImUzN2MzN2M4NTAzYmYxMzIyZDY1MGM4MTFjY2FjNjk2IiwiZXZlbnQiOiJpbXByZXNzaW9uIn0.KWDTaZIfuDNDCc9-n6KcuLXH4Kt7CtBYdba8Ci5x4XE
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06cc1607da0000d6c9011d7000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hQalht1UduzOf%2BoQZRT8uNyYz%2B01Sc0KKvpyra0XpuTJx44v6DeKTQpQex0YwZFHoBBXLen3oEy7rd%2BuIbPwICE9i1tGmPugijYG2ieWXn0jMTmNRrWrniuVwoug%2FEg2Ak%2FtGCKlto3u1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fc0591fcc63d6c9-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame 49E2 42 B
738 B 33ms
6ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Thu, 10 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CE7 0
0 35ms
35ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvBqC9e6HajtB5H2pY10BF5XVARjNrEc1ednoBh7wmyWC00JyZEIW6hh790DVbz6a6R0z_W9D2uQTF-zWnPlPPwiLor1mylVucFrhcoxj8bNEjhZcZqofMiXOIPu4u7JGEXOa4LICywTSVx1dL03X5AYFVp5vy5huiMXBtn4W_wmngaQQ0Z2S2aUu52rnqa6cH1TuoQt6iWNukKqOMuOMNDjCL6cnF22TZ0M3k40b0v7NNaJvfskxIyKr94EfStSX6zyZPT7v0GqgpnCu8sm6_4T6QirWBAj3kK1-phFgt853XHSc4RGl1cMZSnCD2dLTA4&sig=Cg0ArKJSzE_A4q4Lhu4eEAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CE7 76 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C2F 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2C2F 8 KB
7 KB 51ms
37ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11149ea98fb093db1630e95a06d70072ba13d455c519050e6280a7efd2c49713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6391
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CE7 0
22 B 38ms
37ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8JeSP7dFPGDly6haLff37H0KUhX1w4-ly6PwbrJItrf6lgCjzpY-wwmYzmHMakSQB-dmCbDeuD_YBtBrgkeafDkhG1U7K50F5ypPyKBEq31R_7ObLx1IqKrFY7M76nHL26nyHQ4aGnu26bp_IT7eMQ7sxjsG6bAyS2Sfq2kokTGOVs2RVxrnle1kw3GjW1r2e5txGeucJQnHdgiBOXQo0QJzIaUN5C4CjWM2XOdEwz2BHt7zsZ6tRJKf6_KN8Fj_C5ZBlym9Wmblp6PtmvFb8_tTFwyaLbMrHvQoO-xf_Ozah8eenb8N3eLsXLp_DD3I8jcU&sig=Cg0ArKJSzPsrX3g9H5ldEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F5FE 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24959e16472fbd56f9f55ae4a384a6f87324cb923a573056a806e366c61114e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6477
x-xss-protection: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 398ms
191ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=924444&asId=4df9fa51-c2c8-e09b-b4b5-6478eaa358c3&tv={c:vRXjsG,pingTime:-10,time:768,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200222002220222202,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MXx8MXx8MjR8fDEyMDB8fDB8fDB8fDF8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8NC8zfHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607030599765||41d2ada87ce3b013272560311373c677||71ff54ebddb1e090fbf173d96e2342c8||9eafc02fa635c82ebacf86831ccce87d||5e0cd570039e01ef9e8d488c23360dfe||39729cab00ccc3a2705da39280469c84||23a43c515e47de639d02c1e8f33aae22||dc2f1368a53f3a10f72350fa9e7492fb||1576000828}
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:20 GMT
X-Server-Name: dt17sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2C2F 16 KB
6 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9ACA 0
0 35ms
35ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss3TfATVj-4g0XH_x9ZJ7kww-lIb9J6ixICh-2SR4bpJDVb_B7N5Y_FMfQbJFs5R4nfg_zCvUEpmpykd8PPsLehOe3HCTJxo1kBESxCeoHpImCB4uhrMH_DTbL0wesMBFFAy3EM95o9RmmjOsOHVhT8_JtLbzUofuzNEb3as7lqdI9EgAWBid3-UrZ7-dPAaIps9iqLphxnj4bRdpys4e0K1HbDBx8Ef4eID1PzkSkKpgIA1vL4OrkGvXUXzrFUY4Ud38e1A33935qsNri_hDA8YF30M4UEjKlHrdl&sig=Cg0ArKJSzCllaZy5QQ56EAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9ACA 76 KB
29 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29365
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame C81C 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C81C 8 KB
6 KB 24ms
24ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020120201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57c97b43f3619ff258529e5b2e325091be312f7fc98246d3005b23ac19ed3f55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6519
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F5FE 16 KB
6 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 4432 43 B
376 B 308ms
307ms Fetch
image/gif 2606:4700:3033::6812:3ef4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIyZWExNWE5MzRkNDE3MWM0YWE2ZDAzMGMxNzZiMWFjNiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dlYkFwcHNfQXBsaWNhdGlvbkNwZi5waHAiLCJjb3VudHJ5IjoiU3dpdHplcmxhbmQiLCJjaXR5IjoiWnVyaWNoIiwic3RhdGUiOiJadXJpY2giLCJsYXRpdHVkZSI6IjQ3LjM5NCIsImxvbmdpdHVkZSI6IjguNDQ1Iiwic3RpZCI6ImUzN2MzN2M4NTAzYmYxMzIyZDY1MGM4MTFjY2FjNjk2IiwiZXZlbnQiOiJyZXF1ZXN0In0.fY5MQe3mRv_8LshQ30Uz7vzKI5E1Ha6FI8SwZqvgCJY
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3ef4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06cc16087b000032c82f26f000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aQQMfHkGJC9KV3jQDAKafhZNWWWFDXyem7Lz6i%2BwZLtmcv0yT2FOTiPPSROZK6%2FFis4iaUXBvxNHHygCX98%2FGQknL%2FS8e3lXEXClNLdL5strwPGy3f7Y4LySHM4gZ8n95BOZW23ENnw%2BSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fc05920bdec32c8-CDG
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame 4432 42 B
737 B 14ms
12ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Thu, 10 Dec 2020 21:23:19 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 4432 43 B
353 B 324ms
322ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIyZWExNWE5MzRkNDE3MWM0YWE2ZDAzMGMxNzZiMWFjNiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dlYkFwcHNfQXBsaWNhdGlvbkNwZi5waHAiLCJjb3VudHJ5IjoiU3dpdHplcmxhbmQiLCJjaXR5IjoiWnVyaWNoIiwic3RhdGUiOiJadXJpY2giLCJsYXRpdHVkZSI6IjQ3LjM5NCIsImxvbmdpdHVkZSI6IjguNDQ1Iiwic3RpZCI6ImUzN2MzN2M4NTAzYmYxMzIyZDY1MGM4MTFjY2FjNjk2IiwiZXZlbnQiOiJpbXByZXNzaW9uIn0.JDvLMZ3KeOdIwQ6CbJ2lTh8LHvzAR-eQP6JiCkq_yX4
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06cc1608750000d6c9ed1b4000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qpWTv9gx580uchdAq42SnU2hmoKzhRGN9zUll5C%2BLzhYxbqO55PovJa%2Fmm8PnUHX4JbPxDuTwQdejrxQ33CbVc3AmD%2Fz%2Fm%2B1ruNtK1ChIOF1OHtbH%2BmKi9E8IgDnzaw%2FQ1%2BXpda8pninwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fc05920bed2d6c9-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 00F9 43 B
350 B 310ms
309ms Fetch
image/gif 2606:4700:3033::6812:3ef4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJmY2Y3MDQwOTU4ZjdlZTNkZmMxNzA1NGQ5ZmJiMDAwYiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dlYkFwcHNfQXBsaWNhdGlvbkNwZi5waHAiLCJjb3VudHJ5IjoiU3dpdHplcmxhbmQiLCJjaXR5IjoiWnVyaWNoIiwic3RhdGUiOiJadXJpY2giLCJsYXRpdHVkZSI6IjQ3LjM5NCIsImxvbmdpdHVkZSI6IjguNDQ1Iiwic3RpZCI6ImUzN2MzN2M4NTAzYmYxMzIyZDY1MGM4MTFjY2FjNjk2IiwiZXZlbnQiOiJyZXF1ZXN0In0.qTYTKimZutVBQ1Ev6lRLV-RFBgnODEMte_PsKv8BkZU
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6812:3ef4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06cc16087b000032c88c0f0000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fSfpn1No%2B5gB7QSa%2Fi3oOO84cnfHtQm%2FILKg4a3g3cTpzWx4GzDjuyqWiyBTetJjLQ5O5gK5iGr8xclZucjAoUZmGtLc%2FjFG%2B8aYOuy5MUdZvk7ttFv%2BGNMq4ey2HegA46AzzOW3o66GWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fc05920bdee32c8-CDG
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame 00F9 42 B
737 B 13ms
12ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Thu, 10 Dec 2020 21:23:19 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 00F9 43 B
369 B 322ms
322ms Fetch
image/gif 2606:4700:3030::6812:3ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJmY2Y3MDQwOTU4ZjdlZTNkZmMxNzA1NGQ5ZmJiMDAwYiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dlYkFwcHNfQXBsaWNhdGlvbkNwZi5waHAiLCJjb3VudHJ5IjoiU3dpdHplcmxhbmQiLCJjaXR5IjoiWnVyaWNoIiwic3RhdGUiOiJadXJpY2giLCJsYXRpdHVkZSI6IjQ3LjM5NCIsImxvbmdpdHVkZSI6IjguNDQ1Iiwic3RpZCI6ImUzN2MzN2M4NTAzYmYxMzIyZDY1MGM4MTFjY2FjNjk2IiwiZXZlbnQiOiJpbXByZXNzaW9uIn0.gcyO3doGJx3BKuU0-ks7o-BpFADWAbIMf8dkDfQHf4k
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6812:3ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06cc1608780000d6c960228000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O5%2FkxroLvQfeSAL7vufPHWzCfwtkMA7X8sY4ZHeOfmNnKqdEyhxEEZjDKUstACLifjKbhTaykqZhVsD470cAg%2BoV8rBIzsDQq0X1rbUvbb3i0kxrnHVQl3BEqq48C6EIzvOG1gamdiWMzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fc05920bed4d6c9-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9ACA 0
22 B 36ms
35ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstciFV77UlOal5CCWo7HbFbgZfTU4hGrjdCuTxI5Kf65V41k6laOBJucYvaLrmwD5MYyFjQ2M4_uaj6AMpvj38ftTV_MBWGpCAhx4KSKPAuojZHW6SLXlLr2tG9_yg8Cm6UX3p8w_8sWsy4Wn9-uHOJ-SxXIqj3Li6XiQlP61HSo3dvFriwqbfEA0dp3332o7u2L9-U3H-N2K-ZSy6-Bh5qzqJBilpdw0z4sApB9keRHRfka-9iQgpoahL2tHy1eUb65ki9C923vD5-6WtGhp4A05mrspRVZ18wHVTC8L4&sig=Cg0ArKJSzG7fxeXAcc_tEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C81C 16 KB
6 KB 44ms
28ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120201.js?21068927

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:19 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame E5D2 0
0 21ms
13ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 03 Dec 2020 20:52:24 GMT
expires: Fri, 03 Dec 2021 20:52:24 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 995D 0
0 20ms
14ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 03 Dec 2020 20:52:24 GMT
expires: Fri, 03 Dec 2021 20:52:24 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame EA0F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 03 Dec 2020 20:52:24 GMT
expires: Fri, 03 Dec 2021 20:52:24 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1855
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2010
date: Thu, 03 Dec 2020 20:49:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 03 Dec 2020 22:49:50 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201201&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cc42bdb9c54bed5baeeb311a1f43c60e15e083bcb74cba0e788a0a5404cb78d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 21:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6385
x-xss-protection: 0

GET
H2 200 IMG-20201130-WA0065-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 27ms
26ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/IMG-20201130-WA0065-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965ef4d88c89ac7bcddf9d05e330356005f174d6fdce9c187e41c403af57483c

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2264
content-length: 14799
cf-request-id: 06cc1609990000c30389a10000000001
last-modified: Wed, 02 Dec 2020 19:26:16 GMT
server: cloudflare
etag: "39cf-5fc7ea58-d02e14c652cbb193;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U%2BHCU1rGEQJ22t8P%2Bgc7VEzsXc2DzoksuJ1NHkY67sqJNwbNa025JnzldvtVS3gLBA6Xsy0M6owqXf00%2Bpty5R6KN5UCiiSugutJ%2FjtumHumyFW57sjYfWiWbxhgV4XxV7OZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc059228eb7c303-FRA
expires: Sat, 04 Dec 2021 02:45:36 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201201/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 03 Dec 2020 21:23:20 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
392 B 45ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=376536215&t=pageview&_s=1&dl=https%3A%2F%2Fportalmanaus24h.com.br%2FwebApps_AplicationCpf.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Portal%20Manaus%2024h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1958820856&gjid=1225035252&cid=799505736.1607030597&tid=UA-184185299-1&_gid=1131019893.1607030600&_r=1&did=dZTNiMT&gtm=2oub41&z=538186027

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 IMG-20201202-WA0086-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 16 KB
16 KB 12ms
11ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/IMG-20201202-WA0086-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90084ccaf1d9adf95c38aee8ec95175574dd51fefeb6a96a358f5f71003ff37

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2264
content-length: 16424
cf-request-id: 06cc1609ad0000c30387923000000001
last-modified: Wed, 02 Dec 2020 19:09:42 GMT
server: cloudflare
etag: "4028-5fc7e676-1841a0451ea174b7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oFQv58KJ0gL5Nw7pTuhoQjja1jS2TK9WNBdF1xv%2BhqV1TYV%2BTm4U7S6ObmJeUk3vvI%2BaxcicQIlRI6txjhCtFzFa20YK%2B5GuWbld%2BFQ51spUqKdwfwsw0XhMOlj2xdKAocT4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc05922aeeec303-FRA
expires: Sat, 04 Dec 2021 02:45:36 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 0F9E 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 03 Dec 2020 20:52:24 GMT
expires: Fri, 03 Dec 2021 20:52:24 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1856
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 11 KB
11 KB 16ms
16ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 139934
content-length: 11031
cf-request-id: 06cc1609bf0000c303320d5000000001
last-modified: Wed, 02 Dec 2020 04:03:16 GMT
server: cloudflare
etag: "2b17-5fc71204-114c793111d34a58;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1gDCCbjPjhAzKWxUZ2z2%2BK8aVygrgOC12YgRsCORGTdTGwSMbiBm%2FYGmsAva642IQnE61bAdKDx0ebpS8lIkMnhxNfe4a3Lw2qaQzJyqRatS9yGOkJGHxWYV7RLaeJ2ykxy5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc05922cf30c303-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
308 B 194ms
190ms Image
image/gif 104.244.38.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=924444&asId=4df9fa51-c2c8-e09b-b4b5-6478eaa358c3&tv={c:vRXjyC,time:1136,type:e,im:{pci:{tdr:754}},es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:{i:0,o:1136,n:0,pp:0,pm:0},slEvents:[{sl:o,t:345,wc:0.0.1600.1200,ac:-1000.2290.4.4,am:sp,cc:0.2290.1600.0,piv:0,obst:0,th:0,reas:r,bkn:{piv:[824~0],as:[824~4.4]}}],slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:590,fm:si92CuW+1*.924444|11|12|13|14|15|16|17|18|19|1a|1b|1c|1d,idMap:1*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr}&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.38.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: sjedt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 21:23:20 GMT
X-Server-Name: dt18sje.sje.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 12ms
12ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 139934
content-length: 14839
cf-request-id: 06cc1609e10000c30389a19000000001
last-modified: Wed, 02 Dec 2020 03:45:11 GMT
server: cloudflare
etag: "39f7-5fc70dc7-36dafe64893e01fa;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Eh6xt3vbDB6b4%2Fr5g9%2BJR11L9SnGDuYcMB8nVZVdleTKCw1VbgIUImlbLsb0MQMxHp4Mx0ULFy5hnUgynDiCg2KSzfSxRxXpQZon20u%2BBVHyMABPij0DTRsHHqhDofKsTs5I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc059230fa0c303-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

GET
H2 200 Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 6 KB
6 KB 14ms
14ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2264
content-length: 6117
cf-request-id: 06cc160a050000c3032a25c000000001
last-modified: Wed, 02 Dec 2020 03:07:13 GMT
server: cloudflare
etag: "17e5-5fc704e1-eb7aeef10c6536bd;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iNlWttkGOf7hYmZj57%2FZKZhDFSaUPgsZtXr94ju4yLXxpuapUgQodUa9kCcHtj0r9HbZl3N8xEId4TxEYRFXXyoJArrR9StXXdWLBKJX91W0wF%2FnwrTUsfBIFWsXsSsa40fZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc059233ffbc303-FRA
expires: Sat, 04 Dec 2021 02:45:36 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C81C 0
145 B 15ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020120201&jk=163504464582508&bg=!HxylHDzNAAXKjztBylhbWQSoI5B6PAIAAADSUgAAAC5oAQcKALhwP_kbuMn8xDQXlHfAxT6CJAeVyJvx37X1raV3FYE_XUkD0XTDEAFB7mo_V91IhmdeLakixEizuqNks5je0DxkHaPKWXVJasbaFWX6f81yciuMVaIyloDTTCG0xB5xn7mNNUTB0nMwdo1DywtwFyVwROa2kSVIBCzShGNCZK5RmNTM5sQ93yq94cFiThb3bXVbno0Lh9x718snHQNZgT4i8SteAjFmLHOaRmdFUzvQQWnuyxnizdyDmQHfKotYhjllU4RJ-7mly1oo-3QB2Kr6VI5YK3SSm7UU6uxUDxZfHYnwENAQ5hTuvLGBdom6uyNB3ppC88TUCIKxneUizhvz1b7qQJHILz21DM-sZsHP8I410szYukUZYien6VpkSdw3lsQG4KYOKg3OoA-RO5hS0EmG1BMtKWq9NMCVLYwA1ZC2yLkeN86V1p_BsX_7sVMvA4S4FNU4KmOCgJPpT0vDW37lmGUTmlMnMgw2QBN77_atmdJfpfPJ6ZWr2KBTm8qunESeLEl7laCrwt9G5kXxf1Tug7gdLZf0KRqt-DURijZMEa7o2BjgkzGrkpgxCjy4qOqsFMLg6KL4KLaO8jdAu0Xkux_6HchN_Jfu5mS442HN1pS1gKxPxA5GQmqs0qWoSAwHre7VOg6jwyXLXcEHMBidgvFtSYufuyhPPG00S1qYjbu2VHz0f6_Ro7ND1U5hiVxH7MtfgEY-bLv08fIdERvQu0WWi95yJnZq7557caHpHxiHQLUdJlfyh9Od8FKTXY-PxrwfdLWkmHTgxcLlPPQWhuKIvoDnaRxEL8Avqb9fe49V2_qlR2rMeecdfAGjeAruJTM_MIEut3zKw7gwreo3FVERAFD8znzTjkUYZfy5dg9WhF0SWy8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2F 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=2196103386598050&bg=!R0SlRGTNAAXKjztByljyqp2SoxTtAQIAAADnUgAAAENoAQcKALZVwdanEKII9YzwbhbCLPTNROP8rbOPY4gtegzE7559f1-h2FuDYs0TBwSqGD5BF-EULlmrD-wu9ViNDDs7GFJWGTJlw4EFOl6I5xP9iSo1QcEm0myjcNaV8AMwDCQJh2GHQCXYCWUzza0ostPNcY7qQwsd3SvypKCcGnD83W_R3592wHCClOkezGB80tBNXYABRC6l-PiLxYXs3yCmuxqlyyMlUHghiv5uxU1G4ycKT29snyeGxpkB78FxYqyDSuRrUdDcEYpX7wRR3j6ex6tXudEQsATi6mlPdSg_tA9rIT20mI4wzmf6nqwcU9nOCrJe_QHNl396fbXzLH08EI4mO9zU_zBvxgyvaeqLWsyNSsDHHH7bwQZr286ElAt5AWzf21kwAX0QlQSK2W8CmtcMf8ZsT803TVHTsUsSc4ICzRdtMJLBxa9le-v7jHvOGV4qNeK_PST9gawPw70WMZ39n7aQ434_cQVIU4DxWc7hxlfUjEH-qNbEWGEh8805kOrn-Kxezke-txQPyfpP7dhGa1bYDcRFPuJDDqe-OgRiAB17RkOdJbP3oJS1Y3pmW9cg8yY6zmAYctGRzGar5hVLpp2FhIqvfz9tAYh8uRoKK12I6w7bFyQiJb7Klb2zrjiN_-dt6rV4-aa5h5lCshN4XuI_rUJUBwNx4SyIIkvKdGHolES0xHDSijjxDxUL26YrpGtUrtPVp-TN_WF00T9olC32st2weO6wmDhM-tbIRw3w5lNVXfu_MP9BJWXRiw7gK1Aa-OTQIEFwaMxRnvceEdsCHKIu7cffE07KCK90EdIa3MKwruc5QPL_FFCCajMEC43EIBkSUZFbuuMI4I7MhiGT4gcKs6tOtUl-91IN58-M8k5XyLFIXEluL5yvnHqQagGYRLFguQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 12ms
12ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 21:23:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 151007
content-length: 14821
cf-request-id: 06cc160a2e0000c30345aff000000001
last-modified: Wed, 02 Dec 2020 02:52:05 GMT
server: cloudflare
etag: "39e5-5fc70155-810feab01173b349;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OFiK3Qu%2FHshiL20m1yH043hbygNJmN%2BOZxkmBPSwAnkz9qv2PZbvXrC6jGSbRVePq9OfnYSoRtGB3UZWz4T%2BkaT67Q2iZD7mjhnekYGs4CKxrvTGJQg3VjBJIJn0OvXI%2FBiJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fc059237878c303-FRA
expires: Thu, 02 Dec 2021 09:26:33 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F5FE 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=3364053218927902&bg=!OTqlOhrNAAUbEDgJG1h-MnJbpB3qKgIAAAEVUgAAADBoAQcKAQ-qRtfTaMFeWpUFwAm-FdEmFGJtmIB3MuDV32dRWDoFWLP878QA71TY0Jxu0zmqTj4wS6tK13kKUBseOZkIkRKtWOQcTs-KOdpqRzm9FVGdL9Lmxy2-ehb1Q5AcIxHMA5eEDyQmee7iv6iDKeQxbCllPWCclnq8fCtPPpkx-7u5ObWhoXGmm9URVqFYAE6d5iPmAP6hUHndSwO5Uq9HhcmQRkfnDxdHNh_XcUPi94LqQ1uQwh7Pkc-eUAGoBLQpiolz0QRaosnsEGgSb2yAz3-uz3Er0flESZ-LYJjuGUhzYcQ7Hx6uia9Vhn85ii2LriBdak11N44zVTvmpBuK9ufgqBswUuFS_Q3OMqkyORRDmQHf2ZqLAI4omdv8Pw2Z5kqfNs4cDe17YOCYsW-nGljUqM_0-HoSVoNdf6tUYHjmnFwIL_igbWB-CvY7rzieggVhYYnbPd8c-1Crcs-pCu1D8B1qic0VhAzv8BaF3iurWqJhrTlymM9VEw98ntWJOGksMOEw0rZ_vdGIIU772UPv0tOGfHIcdns0tt4uUO4BkEjXLBlumExulwvoTsih-tyaSjdoI62l0ND6Ea_EkUcd9L1NhuTjWdmCNn8iQNtj7_0ZKoSNqKlh_OXURtUKNqwO4db3nc3F906QUak-DM--Bg8H19XG5o36yJNOWlovdhMx04dO1SKdTtEu7-vedkWPHNutVFiD_KL-NLM_INXqfKIjH6iQ3hpN-inMFvGM3J3kLWQ7KgxfSMlmopiN9FN3Ab1lY5dUdkuryuxs5BnTcUeYkPnqHyNESv5UofBvRLHXPAYPGeuhv_1YAocJvHO43m1g_4Q4iurKl22mrvJz0pbcWmX6J2TGp7VAC3N3P3IS48m6ENq8C6k_qaIlffbe1TMQKnC47E1_OKWxdDQl8ekYhDHaLEzW8G9goYgzQDIHmCM23yagMB7uWH9gTu3TaNL4-7e0-0W7hD5Or1jiW_4aTFg19CKHRDzFkDUIcqw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201201&jk=1076649700012079&bg=!6uml6cnNAAXKjztBylhkLzJEyEGV8QIAAABbUgAAAApoAQcKAMKpCDV2q11SrHBSxKD3lK9WW-EXtadVN4B80Rnn6wVsx-vHoY5U-_vbTGTf_jbYv6gT2oWU7PPrSPug7hZtH5Ak62x1A2V4ab-Sb97VH5YcWSV87MofhL2xZ0NGSEs2snii37_FiCT9-PIvjivI-74xCc1OEwtuYuY8uTqf6QEgLpMXnnsgS5Z0rLRcXKLwVUUHMQ2do-e55rLkBylv5FIog6fY1BxD16EXJ3qat9wltn8biqD1kurYmDeoUrOUMlK6aJkBv3GZ5P1j-1qU0RbAJAYY0CD9Km3WaLj0fZkz32NLCW1dnDdLnj3pn1pu5O1Bg6Arr_hSjkZLvLT391LBvAPrD95ls8-SgQsoEO2YLLsdVTmzQCDX04s-DDZLciHWGwxrgItNSd_9T8pjbr7tVE7BgjSoMyF1hS1Q-WMorl3Pxp5tNDhtGpeqE0nHbikoDmnDyUzF8cJQo2pEG0E4PNdrUlyMN2qYf25Lc9ED5GBw3pZlkvkjp6jjYRJ0uvjE4irLpip1aqMWD0wvX4ozydLpY_AbTD7UX9T2ucnaBmAOTN1duOKpN37JHusMLwOkwVDVTFZ0krxhgZ2qstc4dfWjJe3cHQhCXnW0w1JJulRfoDVDnKX_uSvIe4BaDcLvYQdgQNbmc_ybgn3lhvNRaYCzKTJylLwue6ppjUXrNatNwzhRZZXexF1lH7nh9A8YW1j4GiTM0TdEZ6qrp0I7q3W1IdiJ7rGdpRQHwKVId02ZaV6sWsOfclEOg0RJbD1D6HVPR8Y0lYDPQSCYu-_O3fLChPf3q4rDPFpGLqjQRxJUiEbDfyCzSkZ7pokplTeCMeFcDN7-xa15PsVJ82qqIkwGeA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ads.simpleads.com.br/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d
https://ads.simpleads.com.br/setuid?uid=4592133437634945862

0
315 B

229ms
228ms

Image
text/plain

199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/setuid?uid=4592133437634945862
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:21 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://ads.simpleads.com.br/setuid?uid=4592133437634945862
date: Thu, 03 Dec 2020 21:23:21 GMT
content-length: 0

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
435 B 150ms
149ms Image
image/gif 199.187.193.164
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52896&tmstp=4561101860&visit=S&uii=396985035519360915&acd=1607030598306&ckid=6494949175492125638&pubid=21&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d8152%3b%24qt%3d73_4138_117804t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=4582257240
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.164 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/webApps_AplicationCpf.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 21:23:21 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/0b1c9.js?8e94c

Verdicts & Comments Add Verdict or Comment

378 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.portalmanaus24h.com.br/	1970-01-19 15:07:02	Name: __cfduid Value: d853539c36c9f6de1aa1aa53287730e871607030592

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	(Line 15) Message: Slider => [object Object]
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.4.114.js(Line 32) Message: a: 0.0009765625 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1fed252caa561456b7cca9269320fc87.safeframe.googlesyndication.com
a03b5dbf87b0687e5871df2969472973.safeframe.googlesyndication.com
ads.betweendigital.com
ads.simpleads.com.br
adservice.google.ch
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ams.creativecdn.com
c.mgid.com
cdn.mgid.com
cdn.simpleads.com.br
ced-ns.sascdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creativecdn.com
creatives.sascdn.com
d.liquidadserver.com.br
delivery.liquidadserver.com.br
dt.adsafeprotected.com
e242190ff3d686a186cd1a7e383f0141.safeframe.googlesyndication.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jsc.mgid.com
lqdads-7405.kxcdn.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.yabidos.com
portalmanaus24h.com.br
pre.glotgrx.com
pro.ip-api.com
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
static.adsafeprotected.com
sync.admanmedia.com
sync.smartadserver.com
tpc.googlesyndication.com
tracker.liquidadserver.com.br
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
portalmanaus24h.com.br
104.16.201.58
104.16.221.74
104.19.133.78
104.19.217.61
104.244.38.20
157.245.136.40
161.117.111.214
172.227.80.146
184.30.212.16
185.184.8.30
188.42.196.115
199.187.193.164
2.16.186.107
216.58.206.2
216.58.212.162
2600:9000:2190:d000:8:48e:53c0:93a1
2606:4700:3030::6812:3ff4
2606:4700:3031::681c:1cef
2606:4700:3033::6812:3ef4
2606:4700::6810:3f36
2606:4700::6810:a723
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:814::200a
2a00:1450:4001:817::2008
2a00:1450:4001:819::2003
2a00:1450:4001:820::2001
2a00:1450:4001:824::200e
2a00:1450:4010:c0f::9c
2a02:26f0:6c00::210:ba29
2a03:2880:f01c:8012:face:b00c:0:3
2a0b:4d07:101::1
3.121.66.166
51.77.64.70
54.154.162.165
54.72.52.19
88.214.205.108
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05512d815f46a3dd0e9aaa163dad6808ea2c7d43c89fe74b821c879c4b1b5046
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258
11149ea98fb093db1630e95a06d70072ba13d455c519050e6280a7efd2c49713
13f17d7843d7a9ee52fffe1b5fe5b01c6783df19cc3d96ca06fc5e506be2849f
227d79b694635ef742a9ec1b7e07ad5ef552ad0f9300623c368f53be17d15e63
2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e
24959e16472fbd56f9f55ae4a384a6f87324cb923a573056a806e366c61114e5
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2643ed4afec05499a0512b719a13c28b70ce6385241c8a46a2f718e2b275046e
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
2a1be071b0b0d0f1f9ae6a4b6906c00d3a0a7705bccef6877b1ddeb8e1a7447f
2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478
2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543
2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4
3aa243afbc317b2c87f1b1345dc7f846218336de7aa667ce94daf527f09ff23b
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3c5e7b80ad5c22cb2d5eaf0a13d89ce677e9977efb924f9deb1b53b29d135a53
3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32
447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6
4fee76f6ff393fe14f3aafa98d42398526d12630d71e26876e84794c760730a7
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
57c97b43f3619ff258529e5b2e325091be312f7fc98246d3005b23ac19ed3f55
5cc42bdb9c54bed5baeeb311a1f43c60e15e083bcb74cba0e788a0a5404cb78d
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
61ff9367a4398f81adf15029d4dde8dd895275de0ab2f88c4d5d548090e29b38
6498e6cd623c0b02d27dcaa293fe8f06c1caab598e594a4e1865c3b62db68488
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
705a9f0ca095bdb7fe9def103eda3f1930388f4ebbdf798f1c90f207c4469990
72972880727ed7c0ad089a13a3074502ddb04f697ba4d724d6bf2b4e34dc1dac
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
81724ec786e2e903590c3fd527c64d0516b329e64c5ae431e16e9757e9e1d5a6
84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756
8d78d773e1062a0a555e852d17cc2a4e649b5da88e6ed8c9c6b932da54fc4b51
8f0b720bd48796496b1a271bb1d90757f904bce7ba4eb32f3a27f106e9a053ef
8f55ae2ed8904dcd7d4758bb757503ff9bb88170ebb203651d225b051ee0dbf0
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93146300e655f6e7270fd711c49d957ef723669ee19bfb46f21ff9086cfb8a19
951829f961ddc3f982de69c0520536e6c18b00992a95003ea88a26562c83730f
965ef4d88c89ac7bcddf9d05e330356005f174d6fdce9c187e41c403af57483c
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a6211418bb7dc1d352bd094483e16c5afc8c23eac7b1655cbb9b593a6392f411
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
aceed70c84c9e64b4e9b4c5f64b680b36fd9caac300ae7b3218e383b57f305ec
ad9ae0374e0334d2511e951a2381a164fa87ce86594fc027d25a8624774c3c96
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2dd19f3efac98dd3ef1539d85e40be27ec4419357ed3cb9e1121caef0957b4a
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
b90084ccaf1d9adf95c38aee8ec95175574dd51fefeb6a96a358f5f71003ff37
bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07
bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd
c5b5276689f3fe36ee4e23627e6192dd1330ba5213436cc078f489ec54b1cf7e
c5cbf7daa641c5c5c1339e0e89333ea8200a4b7a940e669caa522f2089a02e8e
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f03d75d46816d94b6c288b49a823790aa4a5a6b003e75399ce7be537cc89a9
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
df5d9f52683f6a8d5a7d1137b1376221524310e15f4e03593ab45495ffdd21bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4d2d805d488a3b87f0ff37d1d9dee6d7193939bc16c056afb133fa823226cd1
e5b87bd63c6397347273f972559d5c635d7dc41e92beb05b67faa4c7a40b58bd
e74687592ba81e0f2cd62a8983d9c06999625ea80dd13b7257065358ef5afd1d
e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845
eb0f32de88a847b518bbc8563c70614c63341fa23232b00303e83c3fdf0a2f90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b
f509b7ad83d463e6e18b952f75d6d5e034587e2bb1e9d570875d6fa431a70f72
f51c2c5ba5c512a7b46c40c1d37ac9f8c86486f99e8a840404b04c1357bf8619
f56faba0d7bb9f2404e86c1b5466605e71bfa1e1ca858216dcdeb518c52411dc
f5f7d4c5edb8e6c7edc69f46ba7d8054a4d75996694fb428dfc37185fadb964e
f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4
fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238

portalmanaus24h.com.br Open in urlscan Pro 2606:4700:3031::681c:1cef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

171 Requests

99 %HTTPS

46 %IPv6

33 Domains

52 Subdomains

32 IPs

12 Countries

1897 kBTransfer

5553 kBSize

1 Cookies

8 Outgoing links

Redirected requests

171 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3031::681c:1cef Public Scan

Screenshot
Live screenshot

Full Image

171
Requests

99 %
HTTPS

46 %
IPv6

33
Domains

52
Subdomains

32
IPs

12
Countries

1897 kB
Transfer

5553 kB
Size

1
Cookies

171 HTTP transactions
4 data transactions