portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3031::681c:1cef Public Scan

Go To Rescan
Add Verdict Report

URL:
https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Submission: On December 02 via api (December 2nd 2020, 6:32:00 am UTC) from BR

Summary HTTP 163 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 10 countries across 32 domains to perform 163 HTTP transactions. The main IP is 2606:4700:3031::681c:1cef, located in United States and belongs to CLOUDFLARENET, US. The main domain is portalmanaus24h.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 11th 2020. Valid for: a year.

This is the only time portalmanaus24h.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3031::681c:1cef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
15	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
5	51.77.64.70 51.77.64.70	16276 (OVH) (OVH)
14	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
14	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1 14	199.187.193.140 199.187.193.140	47043 (SMARTADSE...) (SMARTADSERVER)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2 2	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	184.24.15.122 184.24.15.122	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	52.57.167.187 52.57.167.187	16509 (AMAZON-02) (AMAZON-02)
1	52.203.172.63 52.203.172.63	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.31.46.99 52.31.46.99	16509 (AMAZON-02) (AMAZON-02)
2 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE)
2 2	193.232.148.158 193.232.148.158	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	185.86.138.142 185.86.138.142	201081 (SMARTADSE...) (SMARTADSERVER)
3	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
9	2606:4700:303... 2606:4700:3033::ac43:9ff3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 11	95.101.55.60 95.101.55.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700::68... 2606:4700::6810:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.245.136.40 157.245.136.40	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
163	30

16 2606:4700:3031::681c:1cef (United States)

ASN13335 (CLOUDFLARENET, US)

portalmanaus24h.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, DE)

cdn.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lqdads-7405.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 199.187.193.140 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

ads.simpleads.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.212.16 (Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.24.15.122 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-15-122.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.57.167.187 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-167-187.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.172.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-172-63.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.46.99 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-46-99.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.221.74 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.217.61 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s17-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.158 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.142 (France) 2 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

creatives.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3033::ac43:9ff3 (United States)

ASN13335 (CLOUDFLARENET, US)

d.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.201.58 (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.101.55.60 (Ascension Island) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-55-60.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.245.136.40 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

delivery.liquidadserver.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bc0e9b983944f14f4eace8262fd32ac2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a16d7c1b334c788733820f7f11e5283f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
31a59e9d886891526abd70d54242930f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com bc0e9b983944f14f4eace8262fd32ac2.safeframe.googlesyndication.com a16d7c1b334c788733820f7f11e5283f.safeframe.googlesyndication.com 31a59e9d886891526abd70d54242930f.safeframe.googlesyndication.com tpc.googlesyndication.com	182 KB
17	doubleclick.net 1 redirects googleads.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net	354 KB
16	portalmanaus24h.com.br portalmanaus24h.com.br	430 KB
15	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com c.mgid.com	123 KB
15	simpleads.com.br 1 redirects cdn.simpleads.com.br ads.simpleads.com.br	34 KB
14	gstatic.com fonts.gstatic.com	144 KB
12	liquidadserver.com.br d.liquidadserver.com.br delivery.liquidadserver.com.br tracker.liquidadserver.com.br	173 KB
11	scorecardresearch.com 2 redirects sb.scorecardresearch.com	8 KB
5	bidswitch.net 5 redirects x.bidswitch.net	2 KB
5	googletagservices.com www.googletagservices.com	140 KB
5	ip-api.com pro.ip-api.com	2 KB
4	sascdn.com creatives.sascdn.com ced-ns.sascdn.com	13 KB
4	rubiconproject.com 2 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	572 B
4	google.com adservice.google.com	1 KB
3	google.dk adservice.google.dk	2 KB
3	kxcdn.com lqdads-7405.kxcdn.com	2 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	glotgrx.com pre.glotgrx.com	560 B
2	yabidos.com pixel.yabidos.com	25 KB
2	smartadserver.com 2 redirects sync.smartadserver.com	1 KB
2	adhigh.net 2 redirects px.adhigh.net	936 B
2	creativecdn.com 2 redirects creativecdn.com ams.creativecdn.com	691 B
2	adsrvr.org 2 redirects match.adsrvr.org	905 B
2	googletagmanager.com www.googletagmanager.com	66 KB
2	facebook.net connect.facebook.net	61 KB
1	lentainform.com cm.lentainform.com	559 B
1	idealmedia.io cm.idealmedia.io	555 B
1	postrelease.com jadserve.postrelease.com	427 B
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	648 B
1	cloudflare.com ajax.cloudflare.com	5 KB
163	32

	Domain	Requested by
16	portalmanaus24h.com.br	portalmanaus24h.com.br ajax.cloudflare.com
14	ads.simpleads.com.br	1 redirects cdn.simpleads.com.br ads.simpleads.com.br
14	fonts.gstatic.com	fonts.googleapis.com
13	securepubads.g.doubleclick.net	creatives.sascdn.com securepubads.g.doubleclick.net portalmanaus24h.com.br
11	sb.scorecardresearch.com	2 redirects portalmanaus24h.com.br creatives.sascdn.com
10	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
8	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
6	tracker.liquidadserver.com.br	d.liquidadserver.com.br portalmanaus24h.com.br
6	cm.mgid.com	jsc.mgid.com
5	x.bidswitch.net	5 redirects
5	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
5	pro.ip-api.com	cdn.simpleads.com.br d.liquidadserver.com.br
4	s-img.mgid.com
4	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.dk	securepubads.g.doubleclick.net
3	lqdads-7405.kxcdn.com	d.liquidadserver.com.br
3	delivery.liquidadserver.com.br	d.liquidadserver.com.br
3	d.liquidadserver.com.br	ads.simpleads.com.br
3	creatives.sascdn.com	ads.simpleads.com.br
3	fonts.googleapis.com	portalmanaus24h.com.br
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pre.glotgrx.com
2	pixel.yabidos.com	ads.simpleads.com.br pixel.yabidos.com
2	sync.smartadserver.com	2 redirects
2	px.adhigh.net	2 redirects
2	match.adsrvr.org	2 redirects
2	eus.rubiconproject.com	cm.mgid.com ads.simpleads.com.br
2	secure-assets.rubiconproject.com	2 redirects
2	cdn.mgid.com	jsc.mgid.com
2	www.googletagmanager.com	ajax.cloudflare.com cdn.simpleads.com.br
2	connect.facebook.net	ajax.cloudflare.com connect.facebook.net
1	31a59e9d886891526abd70d54242930f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a16d7c1b334c788733820f7f11e5283f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	bc0e9b983944f14f4eace8262fd32ac2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ced-ns.sascdn.com
1	c.mgid.com
1	cm.g.doubleclick.net	1 redirects
1	cm.lentainform.com
1	cm.idealmedia.io
1	ams.creativecdn.com	1 redirects
1	creativecdn.com	1 redirects
1	jadserve.postrelease.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	servicer.mgid.com	jsc.mgid.com
1	jsc.mgid.com	ajax.cloudflare.com
1	cdn.simpleads.com.br	ajax.cloudflare.com
1	ajax.cloudflare.com	portalmanaus24h.com.br
163	49

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.youtube.com
widgets.mgid.com
www.mgid.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
cdn.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2020-04-27` - `2022-07-26`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-05` - `2021-11-04`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
ads.simpleads.com.br Sectigo RSA Domain Validation Secure Server CA	`2019-02-08` - `2021-02-07`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2020-05-08` - `2022-05-25`	2 years	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.glotgrx.com Go Daddy Secure Certificate Authority - G2	`2019-11-13` - `2021-01-12`	a year	crt.sh
delivery.liquidadserver.com.br Let's Encrypt Authority X3	`2020-09-12` - `2020-12-11`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2019-07-04` - `2021-09-01`	2 years	crt.sh
*.google.dk GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Frame ID: DA6E62C09FCA199827510406F8C4D750
Requests: 92 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html
Frame ID: 3F4335ED4E791B00443CA1861D1E107D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606890703&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606890703549&bpp=21&bdt=2536&idt=225&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=694954175708&frm=20&pv=2&ga_vid=515945015.1606890704&ga_sid=1606890704&ga_hid=912943016&ga_fc=0&iag=0&icsg=49324079&dssz=26&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4197180408031206&pem=969&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P6ShGJmBRT&p=https%3A//portalmanaus24h.com.br&dtd=249
Frame ID: 9C2D93CAB6B721B042EBB0168DF1D1D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606890703&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606890703570&bpp=2&bdt=2557&idt=242&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=694954175708&frm=20&pv=1&ga_vid=515945015.1606890704&ga_sid=1606890704&ga_hid=912943016&ga_fc=0&iag=0&icsg=2196807727&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4197180408031206&pem=969&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
Frame ID: 3226E55DDF422BB5006144F77E618B27
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1606890703912250051247
Frame ID: 0C19687CD04049D1B975E38D981C47C8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 222461764CEECB4CC2B45D954C73345D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Frame ID: E878E508C57A0F83ECAF40818CAAE06B
Requests: 1 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: 6CE7670EE553D4DD161BED516D3CE2D2
Requests: 6 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: 7822A4906BAB0BA8F984ABBBE616BB6D
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4E8B9D66A36B637EEE6C34DCA57CEE99
Requests: 13 HTTP requests in this frame

Frame: https://d.liquidadserver.com.br/tags
Frame ID: CEE9DD374CE9008F1C7210561E86CB25
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 273464A1AED98C909EEC7406AC52B5CA
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: CE7846FA640694A6047F1F08C9CC6D91
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 3BC87AF16750610B395543ACD0129E27
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoCvlxnF1aOT0Igi0-Ua4heceZUri6BXREfhk1M2fgwgpQWXejtHfchy3TReZU0ettZB7XbNkIzI2h5zFXMumgEzPrHbwuPT-IJ85KFlpEMGRHZl19qzHAC33bFpsNV5tVlGLEmMWEqtWKET5ebnQ7QR-4MsDdrnDD0beLL4mBUGo5GpxPJZU9PSuTsO14lEqhDPcVK5s8tME0k6imWEedjDhJiLcp5G574QO0fnfg4LVwhc5Dtj05IyI2LoYt7JqLz8JUArbvXAUR4A8Bobc0uEUHWR1nBcgxEeg5E6FURan1Q52p1hMTCb_-rTHXUbRl88w&sig=Cg0ArKJSzE6Uq38bG4AgEAE&urlfix=1&adurl=
Frame ID: E7100042A7415C43ED95E31599F052C8
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG07xPhWtpTsaLUgyp4RfUrpe7Ht9-bLGaY_nyBmISpWyBRZPvMWCfHamO7r7x3fuASxfHqAfy8MdI2BA38AGJ8xrq6A6hE062fbbFUNzQDFu1Mx-G8kQ73w0T2wtvdxyAheLB38mO7YSS6Wnal5MaW9OLKvi-7ts6OjgHBmYSx0UDWpHTgQj8IVyAcij9rzYZU6gbYxBSBvs3M11JG6ug5VHDz6VMu0pnmrBKTkZxR2C1rEF1j9R0XbJ3h6SCgdqCpMPo7GAFthoxvSFAPDnH4eowdLQA9NqiYl080lQ&sig=Cg0ArKJSzPOaAc2yyc5pEAE&urlfix=1&adurl=
Frame ID: A74F7EA35F4BF60A3D4E42E94ACE4223
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 76DC415B1CE5540594C5399084BA3A12
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: C5940DD65AF9C7789AE154DD294398D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 754E9CB478473EC13DECC3C2BB17D39A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

163
Requests

99 %
HTTPS

47 %
IPv6

32
Domains

49
Subdomains

30
IPs

10
Countries

1788 kB
Transfer

5234 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portalmanaus24h
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portalmanaus24h/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCw6yPx7ZXiDwdb1aVejW93A?view_as=subscriber
Title:

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=portalmanaus24h.com.br&utm_medium=referral&utm_campaign=widgets&utm_content=1037079

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3944304/i/57371692/0/pp/1/1?h=PqUfXHRJSYpnerDDiw_S_LIMJ5uTVz5C-XRiTfFhLXQymaxpbRs7NPQPLs6W4fqZ&rid=0b7095df-3468-11eb-9fb0-d09466576dad&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805664/i/57371692/0/pp/2/1?h=PqUfXHRJSYpnerDDiw_S_FrQ5HBS4pHoFTALzNGeLwAs2ObyQOU0fcbzk-Jo2aTr&rid=0b7095df-3468-11eb-9fb0-d09466576dad&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3839414/i/57371692/0/pp/3/1?h=PqUfXHRJSYpnerDDiw_S_FZhpVOBvEnOWb9BAVcnG1JrN304HT3pZmsixFsUiuQ4&rid=0b7095df-3468-11eb-9fb0-d09466576dad&tt=Direct&cpm=1&gbpp=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3805478/i/57371692/0/pp/4/1?h=PqUfXHRJSYpnerDDiw_S_KmkHnhbsHT3H-clDEAoZUSjT6VT69HuhiVpc5nkEwxK&rid=0b7095df-3468-11eb-9fb0-d09466576dad&tt=Direct&cpm=1&iv=11

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 58

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb1HAWE8l0vm HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb1HAWE8l0vm HTTP 302
https://jadserve.postrelease.com/suid/1011?vk=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283

Request Chain 59

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=0368b27b-6666-40cf-9fa2-023519c98991&ttl=1609482704

Request Chain 60

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=xZkPGf4MCEs8X1aHfeOk&pi=mgid&tc=1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IxSEFXRThsMHZt&muidn=kb1HAWE8l0vm HTTP 302
https://cm.mgid.com/google?muidn=kb1HAWE8l0vm&google_ula={guid},5&google_gid=CAESEACL5sIA91bq2NP5grCPlik&google_cver=1

Request Chain 64

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid HTTP 302
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=u0UUwemDl5BN.AikABlF2IibeOg&expires=30&ssp=mgid HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283&gdpr=&gdpr_consent=&us_privacy=

Request Chain 66

https://ads.simpleads.com.br/2447/call HTTP 307
https://ads.simpleads.com.br/2447/call?cklb=1

Request Chain 76

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fads.simpleads.com.br%2Fsetuid%3Fuid%3D%5Bsas_uid%5D&cklb=1 HTTP 302
https://ads.simpleads.com.br/setuid?uid=3842365880149444442

Request Chain 78

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

Request Chain 89

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1

Request Chain 98

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206 HTTP 302
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1

163 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request AcessoCorrentistaInvalido.php Show response
portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/ 56 KB
9 KB 1133ms
1113ms Document
text/html 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: d819c05d5116350cf48ca364b0f94c97ff3ee05e08547671e3440a8ec5e1d439

Request headers

:method: GET
:authority: portalmanaus24h.com.br
:scheme: https
:path: /wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:41 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=da1fcfd434618e12b164e81597b666f3f1606890699; expires=Fri, 01-Jan-21 06:31:39 GMT; path=/; domain=.portalmanaus24h.com.br; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.4.11
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 06c3bf547c0000d6d95530d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RRRZlmdTeFzfS94F5w1yoxls4LWXDsy2dE0u2PbR%2Fd0oQhyuQdx1aE%2FPOmheu0FEouCHOHJLNDbIElNl8ZQ0H0ljwkDEwJfBFNGTcSghiu%2B6DkMrjXoNrURDW9%2FbuEU7DUST"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5fb3019a5e91d6d9-FRA
content-encoding: br

GET
H2 200 cc7fa.css
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 1 MB
106 KB 1827ms
1826ms Stylesheet
text/css 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/cc7fa.css?81c93
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429df1195edf7e006d1618e2e009db703de581611e3d6dfb05494cc49f4517dd

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:42 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06c3bf58da0000d6d962844000000001
last-modified: Wed, 02 Dec 2020 06:21:27 GMT
server: cloudflare
etag: W/"108029-5fc73267-b5a0fa97a77c9886;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PEKo%2B4lgFBUHx12Nex68M9vaDx%2BObon38tjtxLdV3uX6vWufgG8w0yxUmDxoAzngRUadh4HGKlSq6cYv8C5%2Fhd8TY%2FuaeW9CZ7Tgo5hrE%2BowM0eLY%2BrMh%2BVnNSLLfkO3Kb1u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb301a15f47d6d9-FRA
expires: Thu, 02 Dec 2021 12:31:41 GMT

GET
H2 200 logo-portal-200-x-50.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 7 KB
7 KB 14ms
13ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/logo-portal-200-x-50.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:41 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 96983
content-length: 6865
cf-request-id: 06c3bf58da0000d6d99e932000000001
last-modified: Wed, 04 Nov 2020 16:12:10 GMT
server: cloudflare
etag: "1ad1-5fa2d2da-c463a7f6523411b4;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6eRSqUoZGTomHLuSrdvya9Ypz57PPghH32PaTHAUHHVusTyks042bbmdYiXmZOyJsZwEsdx7uNoTa4muIZGEiUX1kF%2F2xN4j8UVgVZ45ibgH%2FveuRQeoot8Ngh5HU2O6Bu20"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301a15f49d6d9-FRA
expires: Wed, 01 Dec 2021 09:35:18 GMT

GET
H2 200 email-decode.min.js Show response
portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portalmanaus24h.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06c3bf58da0000d6d96b0c9000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YRX93AaSNiyyZ%2BGjqU9gqpEoZdi2Vr9tbyr%2BlCrAC1ziReu86nXyzB6UT5Zvl5cNynz8eSVDLYYygzUYHP516TOPoKZ4ApD4qUVRccVkXd9z9LwbLQqh7i8TB50BE8HYnIXL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fb301a15f4ad6d9-FRA
expires: Fri, 04 Dec 2020 06:31:41 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 32ms
16ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 06c3bf58ef00009736ca954000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TwkQ9fd4894tCvr5Ou%2BcDW%2FuVlKeoISSceUbXrNwCP2Db5XVcB5cJrJX3G%2FH%2B6oDxo8O%2BtwsyVUhRFcjvKfwSp7f03TGTMSyPHXsp46gWY99bxC0P5XKqSXXMRztM1ZD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fb301a17e519736-FRA
expires: Fri, 04 Dec 2020 06:31:41 GMT

GET
DATA 200
OK truncated
/ 114 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 101 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET 0b1c9.js
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 129 KB
44 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae1d499cdd437a70f57d75e6e70238989d8d4f1a49edbc81b4f60d269a6ea817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45264
x-xss-protection: 0
server: cafe
etag: 15420816315301121666
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 06:31:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f31649467477e735d27c31e6f6cbae17f8e5eb1009fad6f2367d1e8980e52d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +lH3I8IWoKZdSad2HBNeyQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
etag: "7ce7304e29a584a1fa5815e243fe06ca"
x-fb-debug: sPm0G7UT+fVAa6CrgPAvnL/3zXLY9oDC4uCoxDvXtacEDadNjVH2CHN7mTzom8hT8/iXiYI2vgo6ctJyUGXl6A==
x-fb-trip-id: 664085054
x-fb-content-md5: 9f70aee777d3fb228e7c0dd48a9b2f52
x-frame-options: DENY
date: Wed, 02 Dec 2020 06:31:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 06:50:04 GMT

GET
H2 200 show.js Show response
cdn.simpleads.com.br/v2/s321679/p1144737/ 3 KB
2 KB 26ms
11ms Script
application/x-javascript 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),

Reverse DNS

Software

keycdn-engine / PHP/5.6.29

Resource Hash

6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-edge-location: defr
x-powered-by: PHP/5.6.29
x-cache: HIT
content-length: 1487
x-shield: active
server: keycdn-engine
etag: "16588bd9df4256d00eaf8c21f90747f4-gzip"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
link: <http://tag.simpleads.com.br/v2/s321679/p1144737/show.js>; rel="canonical"
expires: Wed, 02 Dec 2020 07:31:43 GMT

GET
H2 200 portalmanaus24h.com.br.1037079.js Show response
jsc.mgid.com/p/o/ 208 KB
55 KB 99ms
58ms Script
text/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 6A94EFC4FAC62DF1
cf-polished: origSize=213131
last-modified: Fri, 20 Nov 2020 13:55:40 GMT
x-amz-id-2: jWvldrtEcP1sl/3DpJ1PTgc978l7Kec+vulmSQBzCG0JF/O0mDFXXVUq0IkeMfJ/QbXdgVG8Hkg=
cf-bgj: minify
server: cloudflare
etag: W/"d4ce96bfbfcd049163f9b45f5000cad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 06c3bf61ae000010f39b1a7000000001
cf-ray: 5fb301af79fe10f3-CPH
expires: Wed, 02 Dec 2020 09:31:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38695
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Dec 2020 06:31:43 GMT

GET
H2 200 jquery.js Show response
portalmanaus24h.com.br/wp-includes/js/jquery/ 95 KB
32 KB 21ms
20ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-includes/js/jquery/jquery.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 249302
cf-polished: origSize=96873
cf-bgj: minify
cf-request-id: 06c3bf617f0000d6d9792c0000000001
last-modified: Wed, 04 Nov 2020 14:05:22 GMT
server: cloudflare
etag: W/"17a69-5fa2b522-4a0f1b1f2e607d36;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2BNjFYgi5SRcWHTycnSwLm03kEQeL%2Bd9Y4kLgbXD0%2B58goc%2BYHCvsMHJZjDmiD09l2SJ%2BjRI3daxMeum4MlSDPIRo50vEmBPNedkolJDaa2KthdXQJCAzoPqY9CL3EPPfJBH"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb301af3b8ed6d9-FRA
expires: Mon, 29 Nov 2021 15:16:41 GMT

GET
H2 200 webfontloader.min.js Show response
portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 20ms
19ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 143281
cf-request-id: 06c3bf617f0000d6d975b66000000001
last-modified: Wed, 04 Nov 2020 14:05:50 GMT
server: cloudflare
etag: W/"2f42-5fa2b53e-5975bb5f335f005e;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4aompBLQMyHwnlbu9ZV06k3A6w0KPiVd0WH4%2Ft0fKv7fQRoorklv3pOwZXaOHKHeL28O7qJSuhGcaPHWybaM8%2By2IDtq0fmPiHs2LMEVbd%2Fo2DvqAYqLARlBbF8m94yhEn5w"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb301af3b90d6d9-FRA
expires: Tue, 30 Nov 2021 20:43:42 GMT

GET
H2 200 teatro-amazonas-Copia-300x225.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/11/ 9 KB
10 KB 12ms
11ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/11/teatro-amazonas-Copia-300x225.jpg
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/cc7fa.css?81c93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b

Request headers

Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/cc7fa.css?81c93
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 96982
content-length: 9627
cf-request-id: 06c3bf61880000d6d9ac2aa000000001
last-modified: Wed, 04 Nov 2020 16:26:57 GMT
server: cloudflare
etag: "259b-5fa2d651-c4603b825ee32933;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i4JQIE0PwksEnpn%2Bl6g%2BfS1TuKxV9eD4%2BVq48%2FC7oP34wU1qSBXcOVBT%2B4Vbad6P7h6ycvyJJWu4V1O0qZu%2BCORkHGTDiSO7W37u8LqWjbphv7lgkzE0qM2oahViEDosDjK4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301af3ba7d6d9-FRA
expires: Wed, 01 Dec 2021 09:35:21 GMT

GET
H2 200 newspaper.woff
portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/ 122 KB
67 KB 23ms
23ms Font
application/font-woff 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?19
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/cc7fa.css?81c93
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/cc7fa.css?81c93
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 192718
cf-request-id: 06c3bf618c0000d6d9abacb000000001
last-modified: Wed, 04 Nov 2020 14:06:50 GMT
server: cloudflare
etag: W/"1e8ec-5fa2b57a-cc7a1c15277c6427;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hMeJm22wYh0FF%2BP4yiz913ywxlyYj%2Bu3FiWQSP3iWeeRVvvRfahtnA5Ca8IbYpGKTAieTajWOHB7ycElPnU1ZWG0tFqTh4ufWxSg9jowjLYNpKQ7azsvRlvawUtvjm7OjiQj"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb301af4bb8d6d9-FRA
expires: Tue, 30 Nov 2021 06:59:45 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/ 231 KB
87 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88601
x-xss-protection: 0
server: cafe
etag: 4353532171737760018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 06:31:43 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/ Frame 3F43 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201112/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201112/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 02 Dec 2020 01:05:48 GMT
expires: Wed, 16 Dec 2020 01:05:48 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 19555
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 05:41:17 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 06:31:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
622 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 05:10:15 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 06:31:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:43 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 25ms
24ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 3784
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fb301b1dcb610f3-CPH
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06c3bf6328000010f32db52000000001

GET
DATA 200
OK truncated
/ 138 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 css
fonts.googleapis.com/ 16 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Dec 2020 06:31:43 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Wed, 02 Dec 2020 06:31:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:43 GMT

OPTIONS
H/1.1 200
OK /
pro.ip-api.com/json/ Frame 0
0 113ms
35ms Other 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=BRsrCTcgCy7FxIl
Protocol: HTTP/1.1
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 7200
Date: Wed, 02 Dec 2020 06:31:43 GMT
Content-Length: 0

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 276 B
432 B 37ms
35ms XHR
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=BRsrCTcgCy7FxIl
Requested by: Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: e067bd961b786be5afcd82cdf7c81a06cae5685325afe96dffde51b1ef48c1a4

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 06:31:43 GMT
Content-Length: 276
Content-Type: application/json; charset=utf-8

GET
H2 200 0b1c9.js Show response
portalmanaus24h.com.br/wp-content/litespeed/cssjs/ 315 KB
69 KB 2959ms
2959ms Script
application/x-javascript 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/0b1c9.js?28cd2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fee76f6ff393fe14f3aafa98d42398526d12630d71e26876e84794c760730a7

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 06c3bf63530000d6d965a08000000001
last-modified: Wed, 02 Dec 2020 04:39:08 GMT
server: cloudflare
etag: W/"4eaa4-5fc71a6c-57061f13d7c68fad;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BCPRosnaendAAU4JlOydbgn5IwuNiSiBMxT%2BZtfQ6AosxX6eIhV%2FtNYb2Ra8aq%2FwyN8kEewCzAe0nkt%2BwMeT82ea2i17ouRz2ELEh9fUpOqSXnkjBEvcT%2BO%2BFd23rBSy1%2Fc1"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb301b2192bd6d9-FRA
expires: Thu, 02 Dec 2021 12:31:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 113127
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 30 Nov 2021 23:06:16 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 19:32:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 125956
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 30 Nov 2021 19:32:27 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 16:29:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 568918
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Thu, 25 Nov 2021 16:29:45 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 498207
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:08:16 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 47478
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 18:45:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 128764
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 30 Nov 2021 18:45:39 GMT

GET
H3-Q050 200 KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 12 KB
12 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 09:05:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 509153
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12680
x-xss-protection: 0
expires: Fri, 26 Nov 2021 09:05:50 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1037079/ 3 KB
2 KB 74ms
73ms Script
application/x-javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1037079/1?w=1600&h=406&cols=2&pv=5&cbuster=1606890703761624599698&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&lu=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&pageView=1&pvid=17622264b92a1d92052&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3813d286a4c996596044ec90ca10b011ab9c5f77687b848a0f5f8d670f29edb9

Request headers

Referer: https://portalmanaus24h.com.br/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301b29db610f3-CPH
cf-request-id: 06c3bf639e000010f373272000000001

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 195 KB
59 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=1f7e451a49079765b01b4e1c23c4c636&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efe1ec925fd2944b93a3dac2b97093015da74a299152e3af4787336c483df0bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EQtMTKD5Yw/qVrGLDPZ/9g==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60133
etag: "dfbfae1bcfae37bb4fd2f50d44e520a5"
x-fb-debug: qK5shI16KjRkZ6QO3ZSrlPVyNhOv+Qc/HfTVEqoB4pZX++5nO98yI9mg4UJ1CQ5qh57qHdCtmlhTs4HWV8d0Kw==
x-fb-trip-id: 664085054
x-fb-content-md5: 3acff13522b4f0633cb5e2296c717a4f
x-frame-options: DENY
date: Wed, 02 Dec 2020 06:31:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 02 Dec 2021 05:09:48 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
648 B 153ms
53ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=portalmanaus24h.com.br&callback=_gfp_s_&client=ca-pub-3689238491183238

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

29ded0db775fe268a34c1a1aa18d00b3acd294d1c488ea139c90637598658d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 14ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9C2D 0
0 128ms
128ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606890703&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606890703549&bpp=21&bdt=2536&idt=225&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=694954175708&frm=20&pv=2&ga_vid=515945015.1606890704&ga_sid=1606890704&ga_hid=912943016&ga_fc=0&iag=0&icsg=49324079&dssz=26&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4197180408031206&pem=969&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P6ShGJmBRT&p=https%3A//portalmanaus24h.com.br&dtd=249

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&h=90&slotname=8009966046&adk=2207777445&adf=1952787757&pi=t.ma~as.8009966046&w=728&lmt=1606890703&psa=0&format=728x90&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&flash=0&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606890703549&bpp=21&bdt=2536&idt=225&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=694954175708&frm=20&pv=2&ga_vid=515945015.1606890704&ga_sid=1606890704&ga_hid=912943016&ga_fc=0&iag=0&icsg=49324079&dssz=26&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1126&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4197180408031206&pem=969&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=P6ShGJmBRT&p=https%3A//portalmanaus24h.com.br&dtd=249
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Dec 2020 06:31:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 02-Dec-2020 06:46:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Dec 2020 06:31:43 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:43 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 19:32:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 125956
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Tue, 30 Nov 2021 19:32:27 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 22:38:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 28411
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 22:38:12 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 17:20:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 47478
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Wed, 01 Dec 2021 17:20:25 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 26 Nov 2020 12:08:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 498207
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 26 Nov 2021 12:08:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 23:06:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 113127
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 30 Nov 2021 23:06:16 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700,300%7CRoboto:400,500,700,300
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 10:07:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 159865
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 30 Nov 2021 10:07:18 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://portalmanaus24h.com.br
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 10:07:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 159865
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Tue, 30 Nov 2021 10:07:18 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 3226 0
0 61ms
61ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606890703&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606890703570&bpp=2&bdt=2557&idt=242&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=694954175708&frm=20&pv=1&ga_vid=515945015.1606890704&ga_sid=1606890704&ga_hid=912943016&ga_fc=0&iag=0&icsg=2196807727&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4197180408031206&pem=969&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3689238491183238&output=html&adk=1309800647&adf=4848473&lmt=1606890703&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&ea=0&flash=0&pra=7&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1606890703570&bpp=2&bdt=2557&idt=242&shv=r20201112&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=694954175708&frm=20&pv=1&ga_vid=515945015.1606890704&ga_sid=1606890704&ga_hid=912943016&ga_fc=0&iag=0&icsg=2196807727&dssz=27&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4197180408031206&pem=969&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=278
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 02 Dec 2020 06:31:43 GMT
server: cafe
content-length: 3311
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 02-Dec-2020 06:46:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 02 Dec 2020 06:31:43 GMT
cache-control: private

GET
H/1.1 200
OK smart.js Show response
ads.simpleads.com.br/tag/2447/ 32 KB
12 KB 447ms
145ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/tag/2447/smart.js
Requested by: Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
cache-control: public,max-age=300
transfer-encoding: chunked
content-encoding: br
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
28 KB 37ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q83CDM

Requested by

Host: cdn.simpleads.com.br
URL: https://cdn.simpleads.com.br/v2/s321679/p1144737/show.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28205
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Dec 2020 06:31:43 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
840 B 23ms
23ms Image
image/svg+xml 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
age: 3784
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
content-type: image/svg+xml
cf-ray: 5fb301b36f2910f3-CPH
x-amz-request-id: EDD0957952C83C96
cf-request-id: 06c3bf6425000010f379bd1000000001

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
696 B 75ms
73ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=160689070390715233900
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0005ddde2bfac05bb5a9c8a20432969bf3d54182c71d47bf4707db3c13c51ed1

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8cdf93a4-19f4-444e-aae0-d1612c106495
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301b37f3f10f3-CPH
cf-request-id: 06c3bf642e000010f37c251000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 0C19 19 B
292 B 71ms
70ms Script
application/javascript 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1606890703912250051247
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3c62010c-077d-4666-945d-c3ce9a267139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301b38f4510f3-CPH
cf-request-id: 06c3bf6432000010f333010000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp
s-img.mgid.com/g/3944304/492x277/0x0x758x505/ 19 KB
19 KB 31ms
29ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3944304/492x277/0x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5Mjg1Y2FiMDIyMDQ2ODE5NGIxNzU3ZTZmMzhjZDQ3LmpwZWc.webp?v=1606890703-HUtLg-1E-iBe3Oom1GpZLYpuMTvX8EiBfgxKEDDosU0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b24555211c2b44bfc9d83befefeb792fb7af40988f8a5ac3483177f44bec544

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:32:40 GMT
x-mg-request-uuid: 18cc288a-b44e-478f-a417-fb21f557366b
age: 2775258
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb301b38f4d10f3-CPH
content-length: 18994
cf-request-id: 06c3bf6438000010f33e382000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp
s-img.mgid.com/g/3805664/492x277/0x0x640x426/ 19 KB
19 KB 26ms
24ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805664/492x277/0x0x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC8xODRjNzBkZDRmYWVkZGY5MTU1YTdiZGQ3MmFjNTE5My5qcGVn.webp?v=1606890703-G60C9UP9qZXOa_ozKKyngi9yshsZU2YBCvUmwYDsl0g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a67c942ce0ccbdd7667f26771c73dc06d2721493bff7d59ec35fee27a670352

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
cf-cache-status: HIT
last-modified: Wed, 30 Sep 2020 08:30:40 GMT
x-mg-request-uuid: 66446375-64b8-4df5-91eb-0e754e8c0c4a
age: 2751500
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb301b38f4b10f3-CPH
content-length: 19644
cf-request-id: 06c3bf6438000010f3879e8000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp
s-img.mgid.com/g/3839414/492x277/84x0x758x505/ 13 KB
13 KB 29ms
27ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3839414/492x277/84x0x758x505/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzI4MGUwZTIyYTk0NDg4NTA3ZjM0MzA2YWM5M2JlOWM1LmpwZWc.webp?v=1606890703-4rq3s7MhljXCEcwwSgwGGBV1dxGSrCkpyJhmIWsEwmU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83a1de4643deb6c70322259d9fc6e7f613cafaf23366306d18675f899ade102a

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:13:08 GMT
x-mg-request-uuid: fb44bb80-4251-46d9-adb6-9fd0a7ff0b18
age: 2684708
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb301b38f5010f3-CPH
content-length: 12950
cf-request-id: 06c3bf6439000010f37327b000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp
s-img.mgid.com/g/3805478/492x277/0x150x1060x706/ 11 KB
11 KB 35ms
33ms Image
image/webp 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3805478/492x277/0x150x1060x706/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDYtMjIvMTAxOTI0LzM5ZGMzY2I3MjBmYzRlYmVkZmUxNGE5MTc0N2UzNzIyLmpwZz90PTE0OTgxMjc5OTQyMTU.webp?v=1606890703--G7aVMhzP7BlZskEzQxOhu_wLwV79-IIPMm4AH85LFU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6eacbac5110489c9e1dcf5dee7c4ce651ee8a3cb5e95bef12e53f6b916b9e5

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:43 GMT
cf-cache-status: HIT
last-modified: Mon, 05 Oct 2020 11:23:01 GMT
x-mg-request-uuid: dfcb0e70-1f8e-4f3d-a4ce-27fe2b5b8d0a
age: 2694074
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5fb301b38f4f10f3-CPH
content-length: 10920
cf-request-id: 06c3bf6438000010f33124d000000001
server: cloudflare

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 2224
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

102ms
31ms

Document
text/html

184.24.15.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=160689070390715233900
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.15.122 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-15-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Dec 2020 06:31:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Wed, 02 Dec 2020 06:31:44 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

1011
jadserve.postrelease.com/suid/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=kb1HAWE8l0vm
https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=kb1HAWE8l0vm
https://jadserve.postrelease.com/suid/1011?vk=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283

43 B
427 B

343ms
112ms

Image
image/gif

52.203.172.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1011?vk=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.172.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-172-63.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

location: //jadserve.postrelease.com/suid/1011?vk=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283
date: Wed, 02 Dec 2020 06:31:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=0368b27b-6666-40cf-9fa2-023519c98991&ttl=1609482704

43 B
226 B

78ms
77ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=0368b27b-6666-40cf-9fa2-023519c98991&ttl=1609482704
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 66276aaf-4615-4752-a885-b1ad361cd9f7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301b559ea10f3-CPH
cf-request-id: 06c3bf655b000010f350257000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=0368b27b-6666-40cf-9fa2-023519c98991&ttl=1609482704
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://ams.creativecdn.com/cm-notify?pi=mgid&tc=1
https://cm.mgid.com/m?cdsp=501037&c=xZkPGf4MCEs8X1aHfeOk&pi=mgid&tc=1

43 B
515 B

70ms
69ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=xZkPGf4MCEs8X1aHfeOk&pi=mgid&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a4ef4223-8733-4ecc-9472-934c064e386b
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301b4f95e10f3-CPH
cf-request-id: 06c3bf651e000010f32db6c000000001
server: cloudflare

Redirect headers

location: https://cm.mgid.com/m?cdsp=501037&c=xZkPGf4MCEs8X1aHfeOk&pi=mgid&tc=1
pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT, Wed, 02 Dec 2020 06:31:44 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
555 B 115ms
73ms Image
image/gif 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=kb1HAWE8l0vm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fb301b44c53735b-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06c3bf64af0000735b32067000000001

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
559 B 117ms
74ms Image
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=kb1HAWE8l0vm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 5fb301b44a497367-CPH
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
cf-request-id: 06c3bf64b00000736773b1a000000001

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2IxSEFXRThsMHZt&muidn=kb1HAWE8l0vm
https://cm.mgid.com/google?muidn=kb1HAWE8l0vm&google_ula={guid},5&google_gid=CAESEACL5sIA91bq2NP5grCPlik&google_cver=1

0
95 B

77ms
76ms

Image
text/plain

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=kb1HAWE8l0vm&google_ula={guid},5&google_gid=CAESEACL5sIA91bq2NP5grCPlik&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: text/plain
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301b5198310f3-CPH
cf-request-id: 06c3bf652f000010f342928000000001

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=kb1HAWE8l0vm&google_ula={guid},5&google_gid=CAESEACL5sIA91bq2NP5grCPlik&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://x.bidswitch.net/ul_cb/sync?ssp=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid
https://px.adhigh.net/p/cm/bsw?bidswitch_ssp_id=mgid&bounced=1
https://x.bidswitch.net/sync?dsp_id=9&user_id=u0UUwemDl5BN.AikABlF2IibeOg&expires=30&ssp=mgid
https://cm.mgid.com/m?cdsp=433145&c=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283&gdpr=&gdpr_consent=&us_privacy=

43 B
242 B

71ms
70ms

Image
image/gif

104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283&gdpr=&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 0cf2c5aa-96f3-490e-a299-3a78af575925
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301b6fc7b10f3-CPH
cf-request-id: 06c3bf665e000010f36801f000000001
server: cloudflare

Redirect headers

location: //cm.mgid.com/m?cdsp=433145&c=bf8bb5f4-9fe6-4391-8c56-e5bdb5566283&gdpr=&gdpr_consent=&us_privacy=
date: Wed, 02 Dec 2020 06:31:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

OPTIONS
H/1.1 200
OK call
ads.simpleads.com.br/2447/ Frame 0
0 432ms
143ms Other 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call
Protocol: HTTP/1.1
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Dec 2020 06:31:44 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://portalmanaus24h.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

POST
H/1.1

200
OK

call Show response
ads.simpleads.com.br/2447/
Redirect Chain

https://ads.simpleads.com.br/2447/call
https://ads.simpleads.com.br/2447/call?cklb=1

5 KB
1 KB

161ms
161ms

XHR
application/json

199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call?cklb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: d8b6676ff7e91422603edadceb5aad500669ee5c1f6bf1d8c283dd92dfcee33e

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
location: https://ads.simpleads.com.br/2447/call?cklb=1
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

OPTIONS
H/1.1 200
OK call
ads.simpleads.com.br/2447/ Frame 0
0 143ms
142ms Other 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/2447/call?cklb=1
Protocol: HTTP/1.1
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://portalmanaus24h.com.br
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-length: 0
cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: https://portalmanaus24h.com.br
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 c
c.mgid.com/ 43 B
280 B 142ms
140ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=784|184|8|PqUfXHRJSYpnerDDiw_S_FrQ5HBS4pHoFTALzNGeLwAs2ObyQOU0fcbzk-Jo2aTr&fw=1&extjs=66044&v=784|185|8|PqUfXHRJSYpnerDDiw_S_FZhpVOBvEnOWb9BAVcnG1JrN304HT3pZmsixFsUiuQ4&v=784|184|8|PqUfXHRJSYpnerDDiw_S_LIMJ5uTVz5C-XRiTfFhLXQymaxpbRs7NPQPLs6W4fqZ&v=784|185|8|PqUfXHRJSYpnerDDiw_S_KmkHnhbsHT3H-clDEAoZUSjT6VT69HuhiVpc5nkEwxK&cid=1037079&h2=Rc8X-LhO-VoTw7Wdsqs1hJjTTID0YbOXxhOebYXuIZk*&rid=0b7095df-3468-11eb-9fb0-d09466576dad&tt=Direct&pageImp=1&muid=kb1HAWE8l0vm&cbuster=160689070509478760072&tpl=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: b8d9c714-35f1-4e6e-8482-8b9efdb50c6c
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5fb301bae90f10f3-CPH
cf-request-id: 06c3bf68d3000010f346ba0000000001
server: cloudflare

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 345 B
578 B 205ms
204ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52896&tag=smp_52896&tmstp=3732144206&visit=S&uii=389385201980084150&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=9592408%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: f5f7d4c5edb8e6c7edc69f46ba7d8054a4d75996694fb428dfc37185fadb964e

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 18 KB
4 KB 349ms
144ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=3732144206&visit=S&uii=389385201980084151&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 1108d18134711853eee1bfcce948dfa357347bc699ca05a433c8e72e392c27b8

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055518
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 17 KB
5 KB 422ms
142ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=3732144206&visit=S&uii=389385201980084152&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: d1218e9abba19c0367d28f3d859a9b0484b823b1ee33c5570022d4c067a4d341

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 9024423
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK nshow Show response
ads.simpleads.com.br/h/ 23 KB
7 KB 434ms
149ms Script
application/javascript 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=3732144206&visit=S&uii=389385201980084153&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/tag/2447/smart.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: f2d3395d6b5b3bc811bb773b505262bfcb72fe5b65a02486c19dbc97d940a4a4

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 8055129
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 428ms
144ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52025&tmstp=3732144206&visit=S&uii=389385201980084154&acd=1606890705255&ckid=0&pubid=9&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dMedium%3b%24qpc%3d1050%3b%24qt%3d100_3040_80338t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=3681314309
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 429ms
143ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52893&tmstp=3732144206&visit=S&uii=389385201980084155&acd=1606890705255&ckid=0&pubid=9&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dMedium%3b%24qpc%3d1050%3b%24qt%3d100_3040_80338t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=9726748131
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 235ms
144ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52895&tmstp=3732144206&visit=S&uii=389385201980084156&acd=1606890705255&ckid=0&pubid=9&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dMedium%3b%24qpc%3d1050%3b%24qt%3d100_3040_80338t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=2517380040
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

setuid
ads.simpleads.com.br/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3a%2f%2fads.simpleads.com.br%2fsetuid%3fuid%3d%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fads.simpleads.com.br%2Fsetuid%3Fuid%3D%5Bsas_uid%5D&cklb=1
https://ads.simpleads.com.br/setuid?uid=3842365880149444442

0
315 B

189ms
143ms

Image
text/plain

199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/setuid?uid=3842365880149444442
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://ads.simpleads.com.br/setuid?uid=3842365880149444442
pragma: no-cache
date: Wed, 02 Dec 2020 06:31:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK aip
ads.simpleads.com.br/h/ 43 B
270 B 143ms
143ms Image
image/gif 199.187.193.140
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.simpleads.com.br/h/aip?siteid=321679&pgid=1144737&fmtid=52896&tmstp=3732144206&visit=S&uii=389385201980084150&acd=1606890705255&ckid=0&pubid=9&statid=1&systgt=%24qc%3d1311284246%3b%24ql%3dMedium%3b%24qpc%3d1050%3b%24qt%3d100_3040_80338t%3b%24dma%3d0%3b%24b%3d16830%3b%24o%3d12100%3b%24sw%3d1600%3b%24sh%3d1200&tgt=%24dt%3d1t&rnd=7435396666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 199.187.193.140 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:44 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame E878
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east

0
0

31ms
30ms

Document
text/html

184.24.15.122
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=3732144206&visit=S&uii=389385201980084151&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.15.122 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-15-122.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "40295-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Wed, 02 Dec 2020 06:31:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=us-east
Date: Wed, 02 Dec 2020 06:31:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js Show response
creatives.sascdn.com/diff/2447/6880103/ 8 KB
3 KB 110ms
27ms Script
text/javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=3732144206&visit=S&uii=389385201980084151&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F719) /
Resource Hash: 0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 19:54:29 GMT
server: ECS (ska/F719)
age: 402962
etag: "4292425714"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2548
expires: Wed, 09 Dec 2020 06:31:45 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame 6CE7 177 KB
55 KB 37ms
21ms Script
application/javascript 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=3732144206&visit=S&uii=389385201980084151&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c3bf6b340000062999a4d000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OfhEdwRpU%2BVue2Cc41hZsCwzcQxotTxLr%2FE8tb9o13g4%2BW8SHN%2BMu7ClTreEFIzQJfE7oek7CqQtHKW%2FJcrZRkgYccVDRtcugCUzkPRJQcX6Enztqe5zNV3kle48UtyHMYmFvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb301bebe8c0629-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 06:31:45 GMT

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
2 KB 65ms
25ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055518&nai=52027&adtg=smp_52027&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1109746458&di=
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52027&tag=smp_52027&tmstp=3732144206&visit=S&uii=389385201980084151&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055518%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 270
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb301beef5f1d02-CPH
content-length: 1146
cf-request-id: 06c3bf6b5600001d02309fe000000001
expires: Wed, 02 Dec 2020 08:31:45 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 6CE7 276 B
432 B 35ms
35ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: e067bd961b786be5afcd82cdf7c81a06cae5685325afe96dffde51b1ef48c1a4

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 06:31:45 GMT
Content-Length: 276
Content-Type: application/json; charset=utf-8

GET
H2 200 dhtml-ad-simpleads-ads-05-beta4.js Show response
creatives.sascdn.com/diff/2447/6880103/ 14 KB
4 KB 32ms
28ms Script
text/javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=3732144206&visit=S&uii=389385201980084152&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F719) /
Resource Hash: 2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 13:31:14 GMT
server: ECS (ska/F719)
age: 352825
etag: "3134278608"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4022
expires: Wed, 09 Dec 2020 06:31:45 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 30 KB
24 KB 26ms
26ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1606890705773&ver1=2.2.3&qid=034393f5534393f5734363&rnd=bj39qrav3rdt&cid=647
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=034393f5534393f5734363&cid=647&p=2447&s=https%3a%2f%2fportalmanaus24h.com.br&x=SmartAdserver&nci=8055518&nai=52027&adtg=smp_52027&si=321679&ip=&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&flcb=1109746458&di=
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 20:24:01 GMT
server: cloudflare
age: 268
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb301bf2f8d1d02-CPH
content-length: 23972
cf-request-id: 06c3bf6b7900001d02d783d000000001
expires: Wed, 02 Dec 2020 08:31:45 GMT

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame 7822 177 KB
55 KB 18ms
18ms Script
application/javascript 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=3732144206&visit=S&uii=389385201980084153&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c3bf6b7c00000629ca9b4000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=K%2FV7QBTEWRsbxlwnSCmwW5lSraDh8YxhgXKkBKq22VpzJvtxrYizXH2b3sBDqE8QqoyxGuuYUXN2ss6zXWDetaUdWvM45TOtSjok87n%2FiuBOkdb1loSPDdsBkT7LsD2cxKSFyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb301bf2fcb0629-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 06:31:45 GMT

GET
H2 200 sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js Show response
creatives.sascdn.com/diff/2447/6880103/ 18 KB
5 KB 31ms
30ms Script
text/javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52026&tag=smp_52026&tmstp=3732144206&visit=S&uii=389385201980084153&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=8055129%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (ska/F70A) /
Resource Hash: f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
last-modified: Wed, 30 Sep 2020 15:46:27 GMT
server: ECS (ska/F70A)
age: 571476
etag: "2252635312"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 5176
expires: Wed, 09 Dec 2020 06:31:45 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4E8B 53 KB
18 KB 154ms
53ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-floor-ad-1-4b_d8c5fe9f-4248-4adf-8032-05f01ddd4f08.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

1719a900883db724e30e60592f6e9c1cc38d0540ec3de6472b745028f2803860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 268 of 1000 / last-modified: 1606864177"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:45 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 4E8B 1 KB
1 KB 97ms
32ms Script
application/x-javascript 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 06:31:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 06:31:45 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame 4E8B
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1

43 B
589 B

57ms
31ms

Image
image/gif

95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK close_54x54.png
ced-ns.sascdn.com/diff/templates/images/ 1 KB
2 KB 33ms
5ms Image
image/png 2a02:26f0:6c00::210:ba0b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ced-ns.sascdn.com/diff/templates/images/close_54x54.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 06:31:45 GMT
Last-Modified: Thu, 20 Mar 2014 16:32:28 GMT
Server: Apache
ETag: "70c31bd388f7006acdb8aa3d4bcbe99a:1395333148"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1351

GET
H2 200 tags Show response
d.liquidadserver.com.br/ Frame CEE9 177 KB
55 KB 27ms
27ms Script
application/javascript 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://d.liquidadserver.com.br/tags
Requested by: Host: ads.simpleads.com.br
URL: https://ads.simpleads.com.br/h/nshow?siteid=321679&pgid=1144737&fmtid=52892&tag=smp_52892&tmstp=3732144206&visit=S&uii=389385201980084152&acd=1606890705255&ckid=0&async=1&pubid=9&systgt=%24qc%3D1311284246%3B%24ql%3DMedium%3B%24qpc%3D1050%3B%24qt%3D100_3040_80338t%3B%24dma%3D0%3B%24b%3D16830%3B%24o%3D12100%3B%24sw%3D1600%3B%24sh%3D1200&tgt=%24dt%3D1t&pgDomain=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&noadcbk=sas.noad&gdpr=1&insid=9024423%2C&capp=0%2C&mcrdbt=0%2C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.4
Resource Hash: bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-request-id: 06c3bf6b9e00000629c9ac5000000001
link: <https://delivery.liquidadserver.com.br/tags>; rel="canonical"
referrer-policy: unsafe-url
last-modified: Wed, 18 Nov 2020 19:32:59 GMT
server: cloudflare
etag: W/"2c5e6-175dcd88632"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3bCEMKbkdO0as4tLKIQYiROUEU7b3Yl0uKHgZaWK%2BaDArBQv9VhQel%2Bq16AM0RZTumyC6rTCH1GSYRTO6CreIQB7GWn3%2FlVqacydSAJ5O2lYzQqJalZ3u3BuvnFcVhGd4d3nSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
cf-ray: 5fb301bf68380629-FRA
access-control-allow-headers: X-Requested-With,content-type
expires: Wed, 09 Dec 2020 06:31:45 GMT

GET
H2 404 AcessoCorrentistaInvalido.php
portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/ 56 KB
56 KB 1303ms
1302ms Image
text/html 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.11
Resource Hash: becb67e6a053aa8642ce05307394e84aa6285c63c4de1ef1b7a0bf757eabfa40

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:47 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.11
x-litespeed-cache: hit
cf-request-id: 06c3bf6ba60000d6d997bd6000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m%2F%2BtI2LqJtI%2F8EcWv45xB%2BqbtInJvuCjte5fa41PM%2F3VNQ1OdzLIxcMVhxbr0d1AWDJLGeNAYjZbBq2G3NOjUGFvgPr%2Fg9xvF%2BvwhjGTFz%2B2VeAyJbrtgfSawJMWxCk7YmmN"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 5fb301bf6db1d6d9-FRA
link: <https://portalmanaus24h.com.br/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 556 B
556 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
446 B 55ms
15ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1606890705862&rnd=bj39qrav3rdt&ifm=0&uai=2&cid=647&s=https%253A//portalmanaus24h.com.br&p=2447&x=SmartAdserver&adtg=smp_52027&ats=0&atf=smp_52027&nsi=&si=321679&nci=8055518&nai=52027&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 5395
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb301bff8d46341-FRA
content-length: 26
cf-request-id: 06c3bf6bfc00006341aa397000000001
expires: Wed, 02 Dec 2020 08:31:45 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
114 B 55ms
16ms Image
image/gif 2606:4700::6810:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1606890705849801&ver=1.2r81&qid=034393f5534393f5734363&p=2447&s=https%253A//portalmanaus24h.com.br&x=SmartAdserver&cid=647&od1=&od2=&adtg=smp_52027&nci=8055518&nai=52027&si=321679&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=bj39qrav3rdt&impid=&tps=39&ver1=2.2.3&di=&flcb=1109746458&ua=Mozilla%2f5.0+(Macintosh%3b+Intel+Mac+OS+X+10_14_5)+AppleWebKit%2f537.36+(KHTML%2c+like+Gecko)+Chrome%2f83.0.4103.61+Safari%2f537.36&ip=&1=6f0ee731b7b4ce8ac0f9c16acf24ceb7&2=1.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%7D%7D&6=2&7={%22e%22:%223%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=smp_52027&dbgcid=647&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=109&icp=https%253A//portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-4-s-fl-36-x-fl-13-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-9-nci-fl-7-nai-fl-5-si-fl-6-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-di-fl-0-flcb-fl-10-ua-fl-132-ip-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andMacIntel&adv=0&det=1&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=undefined&ncf=4g_10_undefined_null_0_undefined_false&fli=3429136985&flerr=0&trim=&fio=23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6810:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
cf-cache-status: HIT
last-modified: Mon, 01 Jun 2020 01:14:19 GMT
server: cloudflare
age: 5389
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 5fb301bff8d66341-FRA
content-length: 26
cf-request-id: 06c3bf6bfd00006341aa398000000001
expires: Wed, 02 Dec 2020 08:31:45 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 2734 53 KB
18 KB 112ms
80ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

1719a900883db724e30e60592f6e9c1cc38d0540ec3de6472b745028f2803860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 294 of 1000 / last-modified: 1606864177"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:45 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 2734 1 KB
1 KB 67ms
36ms Script
application/x-javascript 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 06:31:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 06:31:45 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/ Frame 2734
Redirect Chain

https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206
https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1

43 B
589 B

31ms
31ms

Image
image/gif

95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame 7822 276 B
432 B 39ms
35ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: e067bd961b786be5afcd82cdf7c81a06cae5685325afe96dffde51b1ef48c1a4

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 06:31:45 GMT
Content-Length: 276
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ Frame CEE9 276 B
432 B 64ms
35ms Fetch
application/json 51.77.64.70
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=BRsrCTcgCy7FxIl
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS: de-fra-1.pro.ip-api.com
Software: /
Resource Hash: e067bd961b786be5afcd82cdf7c81a06cae5685325afe96dffde51b1ef48c1a4

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 02 Dec 2020 06:31:45 GMT
Content-Length: 276
Content-Type: application/json; charset=utf-8

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 4E8B 0
528 B 60ms
31ms Image
text/plain 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606890705921&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame CE78 53 KB
18 KB 76ms
75ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

1719a900883db724e30e60592f6e9c1cc38d0540ec3de6472b745028f2803860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "711 / 452 of 1000 / last-modified: 1606864177"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18381
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:45 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame CE78 1 KB
1 KB 71ms
31ms Script
application/x-javascript 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 06:31:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 03 Dec 2020 06:31:45 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ Frame CE78 43 B
589 B 76ms
31ms Image
image/gif 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=23608916&c3=321679&ns_ap_it=b&ns_ap_pn=&rn=3732144206
Requested by: Host: creatives.sascdn.com
URL: https://creatives.sascdn.com/diff/2447/6880103/dhtml-ad-simpleads-ads-05-beta4.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:45 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame 6CE7 6 KB
2 KB 358ms
121ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=Denmark&state=Capital%20Region&city=Copenhagen&latitude=55.7327&longitude=12.3656&stid=7b2b81222ac2fc0d1d97ac280409656f
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: 14870f7b6da980f64650ced86412ca1b276d43a810795d4a772ce164a81ba5f3

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 06:31:46 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"1867-qoScmGs8nLlDMTJudO5CAIwaobk"

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 2734 0
528 B 31ms
31ms Image
text/plain 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606890706395&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame CE78 0
528 B 31ms
31ms Image
text/plain 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=23608916&c3=&ns__t=1606890706401&ns_c=UTF-8&ns_if=1&cv=3.5&c8=&c7=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&c9=
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 06:31:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4E8B 277 KB
98 KB 120ms
68ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2734 277 KB
98 KB 116ms
67ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CE78 277 KB
98 KB 115ms
68ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame 7822 6 KB
2 KB 167ms
120ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=Denmark&state=Capital%20Region&city=Copenhagen&latitude=55.7327&longitude=12.3656&stid=7b2b81222ac2fc0d1d97ac280409656f
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: e73f0b67bdb22fab021644528447f7dca8868feaab08bd4ce10d16cc4286b467

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 06:31:46 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"1867-505RG/+87BcFz2xAHXM5x2AV6rk"

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 6CE7 43 B
855 B 305ms
288ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJiODI1NjUyMDNjYmZlNWM4NTc3NWFlYzU1NDc4MjlhMiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dwLWluY2x1ZGVzL2pzL3BsdXBsb2FkLy0tL3BvbnRvcy9zZXVzcG9udG9zL0FjZXNzb0NvcnJlbnRpc3RhSW52YWxpZG8ucGhwIiwiY291bnRyeSI6IkRlbm1hcmsiLCJjaXR5IjoiQ29wZW5oYWdlbiIsInN0YXRlIjoiQ2FwaXRhbCBSZWdpb24iLCJsYXRpdHVkZSI6IjU1LjczMjciLCJsb25naXR1ZGUiOiIxMi4zNjU2Iiwic3RpZCI6IjdiMmI4MTIyMmFjMmZjMGQxZDk3YWMyODA0MDk2NTZmIiwiZXZlbnQiOiJyZXF1ZXN0In0.LPOXALQdAPlk2a8RXVty4aSXIBSBrllSwiVMfMQ7Cls
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c3bf6e6c0000d6b9e1ba7000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wtQNv0Y0MbiyfQVEh%2BBCKhxMSWkAydcW4aDHxhpVtvwbQWx8kSExntnquymqxdl4IAcAuxcNIVBkn8gjUKn3lUmG0HdJCtYtM%2FKSCldJ6REBc4FHW2lOGaBr9lSiProq96GSrnlQrXKhpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb301c3efedd6b9-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 6CE7 43 B
539 B 301ms
300ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiJiODI1NjUyMDNjYmZlNWM4NTc3NWFlYzU1NDc4MjlhMiIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dwLWluY2x1ZGVzL2pzL3BsdXBsb2FkLy0tL3BvbnRvcy9zZXVzcG9udG9zL0FjZXNzb0NvcnJlbnRpc3RhSW52YWxpZG8ucGhwIiwiY291bnRyeSI6IkRlbm1hcmsiLCJjaXR5IjoiQ29wZW5oYWdlbiIsInN0YXRlIjoiQ2FwaXRhbCBSZWdpb24iLCJsYXRpdHVkZSI6IjU1LjczMjciLCJsb25naXR1ZGUiOiIxMi4zNjU2Iiwic3RpZCI6IjdiMmI4MTIyMmFjMmZjMGQxZDk3YWMyODA0MDk2NTZmIiwiZXZlbnQiOiJpbXByZXNzaW9uIn0.5bE0m9t72m9KPmBliR8yOVW-Iv2FPqU7iKV6XU-71M0
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c3bf6e6100000629c2b5d000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bynbF8yP7O9sF1%2Bzh77KdmqKD5WSM9OxBH6ONtvvTXZtFDLUNL4aUKKnChLpeE5eWxMfVD8a67bbsr8kulVcDCONcpu3dSFa%2FoBnO4zgdbsb3sDPl9BRL8WL1%2FHUHp0N%2FfS4ZBxqFcFe5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb301c3cb1b0629-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame 6CE7 42 B
738 B 20ms
6ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Wed, 09 Dec 2020 06:31:46 GMT

GET
H/1.1 200
OK zone Show response
delivery.liquidadserver.com.br/ Frame CEE9 6 KB
2 KB 213ms
121ms Fetch
application/json 157.245.136.40
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.liquidadserver.com.br/zone?key_md5=bcc1a90307f7b6c1e9a0311fc5c8d9fe&country=Denmark&state=Capital%20Region&city=Copenhagen&latitude=55.7327&longitude=12.3656&stid=7b2b81222ac2fc0d1d97ac280409656f
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 157.245.136.40 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / PHP/7.1.4
Resource Hash: 599ab245ae87786117ccd0f54cfbbda7064dc2edcc94ddd17eac0b5bed7fbe23

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 06:31:46 GMT
Content-Encoding: gzip
Referrer-Policy: unsafe-url
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: PHP/7.1.4
Vary: Origin, Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://portalmanaus24h.com.br
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"1867-D9FgUv2xIf2tW1Qpy3WJcSO3cjE"

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 7822 43 B
350 B 305ms
305ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIxOWM2MWQzZTJjM2ViOGI3MDE4MzZjNzUzMTVlODQ3MyIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dwLWluY2x1ZGVzL2pzL3BsdXBsb2FkLy0tL3BvbnRvcy9zZXVzcG9udG9zL0FjZXNzb0NvcnJlbnRpc3RhSW52YWxpZG8ucGhwIiwiY291bnRyeSI6IkRlbm1hcmsiLCJjaXR5IjoiQ29wZW5oYWdlbiIsInN0YXRlIjoiQ2FwaXRhbCBSZWdpb24iLCJsYXRpdHVkZSI6IjU1LjczMjciLCJsb25naXR1ZGUiOiIxMi4zNjU2Iiwic3RpZCI6IjdiMmI4MTIyMmFjMmZjMGQxZDk3YWMyODA0MDk2NTZmIiwiZXZlbnQiOiJyZXF1ZXN0In0.rbGd0gBPKSTCm5gs9tMxpC2kqHPUrmUifSoTIjs1HMo
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c3bf6ed80000d6b9f61df000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DkXerPemL7k09%2FkMBfpCWR0%2BhDtp0kCfPG58yWzVduAnLAMz7LRXCPakyS09mnwH8qnzv9m8J%2FM03wnH8NQtFXQ72WAPobD78payKPaLDIOJX6vNz6qWepKXjzFg%2FLAMGpfXSwG7e8DkoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb301c488f2d6b9-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame 7822 42 B
737 B 7ms
6ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Wed, 09 Dec 2020 06:31:46 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame 7822 43 B
347 B 280ms
280ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiIxOWM2MWQzZTJjM2ViOGI3MDE4MzZjNzUzMTVlODQ3MyIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dwLWluY2x1ZGVzL2pzL3BsdXBsb2FkLy0tL3BvbnRvcy9zZXVzcG9udG9zL0FjZXNzb0NvcnJlbnRpc3RhSW52YWxpZG8ucGhwIiwiY291bnRyeSI6IkRlbm1hcmsiLCJjaXR5IjoiQ29wZW5oYWdlbiIsInN0YXRlIjoiQ2FwaXRhbCBSZWdpb24iLCJsYXRpdHVkZSI6IjU1LjczMjciLCJsb25naXR1ZGUiOiIxMi4zNjU2Iiwic3RpZCI6IjdiMmI4MTIyMmFjMmZjMGQxZDk3YWMyODA0MDk2NTZmIiwiZXZlbnQiOiJpbXByZXNzaW9uIn0.Z54aZxa4U37Wf3ojmCdCmHNSSasbDE-4MAScPYp9N6Q
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c3bf6ed600000629feb3d000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SvLvwnfAY6gPPF8HnTdhEkOgn6Cl%2B6vWwP7hn%2FgbD59JnLEHcEN7HuUwpYpnFmyS8XXKtcy2CSsJuR7vgZslz4Kady4PZ7poRcYPnPeC%2BrzDEWtheaFMnmUn6AINg51mHcyNYolr0PMslg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb301c48d420629-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-184185299-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2515
date: Wed, 02 Dec 2020 05:49:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 02 Dec 2020 07:49:51 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 37ms
24ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201112&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

153d09115501613f32bc58ea2f46c37254735503052e3ef338f3016914b60d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6765
x-xss-protection: 0

GET
H2 200 Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 11 KB
11 KB 16ms
16ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Video-mostra-momento-em-que-motorista-embriagado-atropela-motociclistas-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 40
content-length: 11031
cf-request-id: 06c3bf6f2b0000d6d965b02000000001
last-modified: Wed, 02 Dec 2020 04:03:16 GMT
server: cloudflare
etag: "2b17-5fc71204-114c793111d34a58;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jxpar0rhsqGEXJ9zJuhJOSKrLwqWP0y0t%2B1ePsAmaRc1V9VKskpX8hmRl%2BxA8JaAyhD1OsYQdbaKAp6jhQi%2FVLlepST4yCxoRqCUFKLDC7aBA5UPiWW7LEZ3ipP8ClNg3nsj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301c51961d6d9-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ Frame 2734 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2734 109 B
781 B 42ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 2734 4 KB
3 KB 168ms
168ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2123615924610237&correlator=44063186400754&output=ldjh&impl=fifs&eid=21068794%2C21068813%2C21068030%2C21068480&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_primeiro_impacto%2Cad_primeiro_impacto_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=480x320%7C580x400%7C1000x540%7C1024x768%7C640x480%7C1260x400%7C970x250&cookie=ID%3De8bdbb47e647cccb-22c779934fb900b7%3AT%3D1606890703%3ART%3D1606890703%3AS%3DALNI_MbInHwNViFyk546-fhB5EQ5aMjQcA&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606890706&dt=1606890706764&dlt=1606890705878&idt=868&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=235222445&ucis=1eiib7y17yhh&ifi=1&ifk=306661395&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=372172685.1606890707&ga_sid=1606890707&ga_hid=836208367&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

d20709923ac07a688bb2ab5fa3f048923995f3ee89ffa86d96cb2b14fc8af868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2392
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138241121365
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bc0e9b983944f14f4eace8262fd32ac2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 2734 0
0 28ms
14ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bc0e9b983944f14f4eace8262fd32ac2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ Frame 4E8B 109 B
169 B 16ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4E8B 109 B
127 B 21ms
20ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4E8B 4 KB
2 KB 178ms
178ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3945325484420756&correlator=486160441974234&output=ldjh&impl=fifs&eid=21064372&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_footer%2Cad_footer_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x66%7C980x90%7C980x120%7C750x100%7C960x90%7C468x60%7C970x90%7C950x90&cookie=ID%3De8bdbb47e647cccb-22c779934fb900b7%3AT%3D1606890703%3ART%3D1606890703%3AS%3DALNI_MbInHwNViFyk546-fhB5EQ5aMjQcA&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606890706&dt=1606890706783&dlt=1606890705810&idt=964&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1291662414&ucis=9prxig8st28t&ifi=1&ifk=306661395&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1134799520.1606890707&ga_sid=1606890707&ga_hid=1792642104&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

23bed04b7bcbf79eca54e521f7d23ff3ef5c45ad3bb0121abf5a954289c76129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2306
x-xss-protection: 0
google-lineitem-id: 4752570600
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138240969138
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a16d7c1b334c788733820f7f11e5283f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4E8B 0
0 28ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a16d7c1b334c788733820f7f11e5283f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.dk/adsid/ Frame CE78 109 B
781 B 35ms
22ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame CE78 109 B
127 B 15ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=portalmanaus24h.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CE78 468 B
290 B 181ms
180ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2915360283496853&correlator=109485158373878&output=ldjh&impl=fifs&eid=21068813&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201202&iu_parts=21713884182%2Cad_slider%2Cad_slider_desktop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x100%7C240x133%7C300x250%7C200x200%7C336x280%7C250x250%7C300x300%7C320x100&fluid=height&cookie=ID%3De8bdbb47e647cccb-22c779934fb900b7%3AT%3D1606890703%3ART%3D1606890703%3AS%3DALNI_MbInHwNViFyk546-fhB5EQ5aMjQcA&cdm=portalmanaus24h.com.br&bc=31&abxe=1&lmt=1606890706&dt=1606890706795&dlt=1606890705824&idt=965&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1057568192&ucis=8dbcx4fuci2g&ifi=1&ifk=306661395&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&top=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1035263851.1606890707&ga_sid=1606890707&ga_hid=229561671&fws=256&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

de902c3de9ae2cf9b2ed91d56a079761dc86b558a5efa6f4e6ddd75800dc353e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
31a59e9d886891526abd70d54242930f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CE78 0
0 28ms
13ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://31a59e9d886891526abd70d54242930f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201112/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H2 200 policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 11ms
10ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/policial-atira-na-perna-de-cliente-de-bar-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 40
content-length: 14839
cf-request-id: 06c3bf6f770000d6d98f8bb000000001
last-modified: Wed, 02 Dec 2020 03:45:11 GMT
server: cloudflare
etag: "39f7-5fc70dc7-36dafe64893e01fa;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9nWwFq5sWic6x36Im2F3zUDLAA%2Bm46djhDfFKqYV90Ni0Ali8olJH8nP40itf%2BZ9lY6lGl0uFmF1BE88KZO8fKj87hmqp5Xmyw2nVJV81uwsZMuwWu6CubAv8uhNxE%2BEqD9q"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301c58a32d6d9-FRA
expires: Thu, 02 Dec 2021 12:31:06 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
392 B 41ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=912943016&t=pageview&_s=1&dl=https%3A%2F%2Fportalmanaus24h.com.br%2Fwp-includes%2Fjs%2Fplupload%2F--%2Fpontos%2Fseuspontos%2FAcessoCorrentistaInvalido.php&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20n%C3%A3o%20encontrada%20-%20Portal%20Manaus%2024h&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1436944336&gjid=1681935865&cid=515945015.1606890704&tid=UA-184185299-1&_gid=1130280998.1606890707&_r=1&did=dZTNiMT&gtm=2oub41&z=2008888736

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portalmanaus24h.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame CEE9 43 B
373 B 278ms
278ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiI0Njk3YzczNDhmZGQyZDlkMzBlMTY1NDNkOTY5ZDI2ZCIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dwLWluY2x1ZGVzL2pzL3BsdXBsb2FkLy0tL3BvbnRvcy9zZXVzcG9udG9zL0FjZXNzb0NvcnJlbnRpc3RhSW52YWxpZG8ucGhwIiwiY291bnRyeSI6IkRlbm1hcmsiLCJjaXR5IjoiQ29wZW5oYWdlbiIsInN0YXRlIjoiQ2FwaXRhbCBSZWdpb24iLCJsYXRpdHVkZSI6IjU1LjczMjciLCJsb25naXR1ZGUiOiIxMi4zNjU2Iiwic3RpZCI6IjdiMmI4MTIyMmFjMmZjMGQxZDk3YWMyODA0MDk2NTZmIiwiZXZlbnQiOiJyZXF1ZXN0In0.izkd2PHTiBnDYEeDDDM10QHzRZ-L5tKMjTna3JQJwVA
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:47 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c3bf6f880000d6b9c1b19000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nCtd%2BSqtzfdfbVmfvtYXbLDGTUr%2BnV4unvxFZ0C8XNBKtcLrz4Txg%2FAkOZWgav4RyDcJ2Ca6tB8RKVqgjYyoprHBPEo8%2BaYlCFNJ3detd0ycFUJ3%2FXeCcnfH4fBkNV4FsmtKBy4burHjUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb301c5aaecd6b9-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
lqdads-7405.kxcdn.com/media/ Frame CEE9 42 B
737 B 6ms
5ms Image
image/gif 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lqdads-7405.kxcdn.com/media/bcc1a90307f7b6c1e9a0311fc5c8d9fe38.gif
Requested by: Host: d.liquidadserver.com.br
URL: https://d.liquidadserver.com.br/tags
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software: keycdn-engine / PHP/7.1.4
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-edge-location: defr
x-powered-by: PHP/7.1.4
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42
cf-request-id: 05a632eee90000049b4a960200000001
last-modified: Wed, 07 Oct 2020 17:25:20 GMT
server: keycdn-engine
etag: W/"2a-17504189277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=19&lkg-time=1602099993"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5dea20f7dc43049b-CDG
expires: Wed, 09 Dec 2020 06:31:46 GMT

GET
H2 200 / Show response
tracker.liquidadserver.com.br/ Frame CEE9 43 B
376 B 276ms
276ms Fetch
image/gif 2606:4700:3033::ac43:9ff3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.liquidadserver.com.br/?ev=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhZF9pZCI6MzgsImFkX25hbWUiOiJURVNURSBDT09LSUVMRVNTIiwiYWRfdHlwZSI6IkRpc3BsYXkiLCJ6b25lX2lkIjoyMCwiem9uZV9uYW1lIjoiVEVTVEUgQ09PS0lFTEVTUyIsInpvbmVfbWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUiLCJjbGllbnRfaWQiOjM4NTc5LCJjbGllbnRfbmFtZSI6IlNJTVBMRUFEUyBURUNOT0xPR0lBIEUgSU5GT1JNQUNBTyBESUdJVEFMIExURCIsImNhbXBhaWduX2lkIjoxNSwiY2FtcGFpZ25fbmFtZSI6IlRFU1RFIENPT0tJRUxFU1MiLCJjcmVhdGl2ZXNpemUiOiIxeDEiLCJuYW1lTWQ1IjoiYmNjMWE5MDMwN2Y3YjZjMWU5YTAzMTFmYzVjOGQ5ZmUzOCIsImNyZWF0aXZlX3VybCI6IiIsImV4dGVuc2lvbiI6ImdpZiIsInNpemUiOm51bGwsIm9ubGluZSI6IkFndWFyZGFuZG8iLCJyaWQiOiI0Njk3YzczNDhmZGQyZDlkMzBlMTY1NDNkOTY5ZDI2ZCIsImRvbWFpbiI6InBvcnRhbG1hbmF1czI0aC5jb20uYnIiLCJyZWZlcmVyIjoiaHR0cHM6Ly9wb3J0YWxtYW5hdXMyNGguY29tLmJyL3dwLWluY2x1ZGVzL2pzL3BsdXBsb2FkLy0tL3BvbnRvcy9zZXVzcG9udG9zL0FjZXNzb0NvcnJlbnRpc3RhSW52YWxpZG8ucGhwIiwiY291bnRyeSI6IkRlbm1hcmsiLCJjaXR5IjoiQ29wZW5oYWdlbiIsInN0YXRlIjoiQ2FwaXRhbCBSZWdpb24iLCJsYXRpdHVkZSI6IjU1LjczMjciLCJsb25naXR1ZGUiOiIxMi4zNjU2Iiwic3RpZCI6IjdiMmI4MTIyMmFjMmZjMGQxZDk3YWMyODA0MDk2NTZmIiwiZXZlbnQiOiJpbXByZXNzaW9uIn0.qgGwcmMvXsGT1-O-sGlPJ_BTeBKp-6KBnVAFJGIvBU8
Requested by: Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9ff3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.1.7
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:47 GMT
access-control-allow-methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.1.7
content-length: 43
cf-request-id: 06c3bf6f8a000006299e8d3000000001
referrer-policy: unsafe-url
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=day5%2FoLJPRWbWMGv74A5w%2Bkm%2FH3D4GjUiouPXectd6b3X8bZ7YUyTonbPLwjbmuJINGoPJrQG%2FOAxMWNJ01FX4jPuCt3B5OdZN8IMESMozb5Pp2Pe%2BEkJMJ74uhkRDdnq8Hdc%2FyTRCLxrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: https://portalmanaus24h.com.br
access-control-allow-credentials: true
cf-ray: 5fb301c5a9200629-FRA
access-control-allow-headers: X-Requested-With,content-type

GET
H2 200 Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 6 KB
6 KB 16ms
15ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Moro-sera-socio-diretor-em-empresa-que-representa-a-Odebrecht-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 9442
content-length: 6117
cf-request-id: 06c3bf6f8c0000d6d9c10ab000000001
last-modified: Wed, 02 Dec 2020 03:07:13 GMT
server: cloudflare
etag: "17e5-5fc704e1-eb7aeef10c6536bd;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=izlrUeQIuBSA1QGHUYZbIiURUX%2BxFVPZGVFPe99EBMuvvsudzuUkdStZTR5ahbom6irxsNtFYQdrh9dqErYc5RT9eOoEQSwllzPkIIwk1aNjFkiMr0QHovzL%2FyEIKCu5Mef3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301c5aa6cd6d9-FRA
expires: Thu, 02 Dec 2021 09:54:24 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 3BC8 0
0 33ms
19ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 01 Dec 2020 23:31:54 GMT
expires: Wed, 01 Dec 2021 23:31:54 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25192
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
15 KB 10ms
10ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/David-Almeida-anuncia-Marcos-Rotta-na-infraestrutura-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11113
content-length: 14821
cf-request-id: 06c3bf6fa20000d6d99c289000000001
last-modified: Wed, 02 Dec 2020 02:52:05 GMT
server: cloudflare
etag: "39e5-5fc70155-810feab01173b349;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qbwVrKZnTYXfXMPs7diC0xMQRfTKqwferHFZ8F0o0z5UoqRHSHyA1%2BeGAaPstHVa%2FC3N40liYPvgIQGc5b6liIHaFMjuHgIF4%2B21Pb8Bt3oiXGY%2FErWWXVasw6scCoVQgHkV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301c5da9fd6d9-FRA
expires: Thu, 02 Dec 2021 09:26:33 GMT

GET
H2 200 Video-mostra-mulher-dando-surra-no-namorado-veja-o-video-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 6 KB
6 KB 13ms
13ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Video-mostra-mulher-dando-surra-no-namorado-veja-o-video-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b33196a232ed91cb8132457039c35a87201dfa05c14ff22d82f3494135444d

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 11111
content-length: 6089
cf-request-id: 06c3bf6fc50000d6d96f26f000000001
last-modified: Wed, 02 Dec 2020 02:08:58 GMT
server: cloudflare
etag: "17c9-5fc6f73a-84969f60d8d63b5a;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9WIPVAIxoLnFXnUzyDGPQDrKmIJbFUwqZx4hGqjTqlAGRWHJgBMO1f1RvZvL2zNF2BJjdRHB6%2BoPP%2F2FP1tTBPKY%2Bl7DoEar3TFLNvkZ1cAo2ZRF2kkRJqgGTLCRr8lq%2Flme"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301c60afdd6d9-FRA
expires: Thu, 02 Dec 2021 09:26:35 GMT

GET
H2 200 Sindicato-anuncia-paralisacao-dos-onibus-a-partir-da-proxima-quinta-feira-3.-324x160.jpg
portalmanaus24h.com.br/wp-content/uploads/2020/12/ 14 KB
14 KB 13ms
11ms Image
image/jpeg 2606:4700:3031::681c:1cef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portalmanaus24h.com.br/wp-content/uploads/2020/12/Sindicato-anuncia-paralisacao-dos-onibus-a-partir-da-proxima-quinta-feira-3.-324x160.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::681c:1cef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 139293969a3af52128cec6885aae531bd55ddf25f4e43ff1e9b1ff624b78ee69

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 15095
content-length: 13847
cf-request-id: 06c3bf6fef0000d6d96c2ab000000001
last-modified: Wed, 02 Dec 2020 01:10:58 GMT
server: cloudflare
etag: "3617-5fc6e9a2-c5d7b394a249bfb7;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A49%2FyrtRLsGm9f%2BRbRi9rlOs1u09a3m8uV4UPyh8i9%2BCQTYA24eRCo4bb6biNrQEIXnpqDnC9ELWR0YrDrZOH8unq3ddxrj8%2BrXESph%2FqeeSeV1eXTeOdNJEedG0M1x8daVX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 5fb301c64b85d6d9-FRA
expires: Thu, 02 Dec 2021 08:20:11 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E710 0
0 55ms
54ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuoCvlxnF1aOT0Igi0-Ua4heceZUri6BXREfhk1M2fgwgpQWXejtHfchy3TReZU0ettZB7XbNkIzI2h5zFXMumgEzPrHbwuPT-IJ85KFlpEMGRHZl19qzHAC33bFpsNV5tVlGLEmMWEqtWKET5ebnQ7QR-4MsDdrnDD0beLL4mBUGo5GpxPJZU9PSuTsO14lEqhDPcVK5s8tME0k6imWEedjDhJiLcp5G574QO0fnfg4LVwhc5Dtj05IyI2LoYt7JqLz8JUArbvXAUR4A8Bobc0uEUHWR1nBcgxEeg5E6FURan1Q52p1hMTCb_-rTHXUbRl88w&sig=Cg0ArKJSzE6Uq38bG4AgEAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E710 75 KB
29 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2734 73 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2734 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d61594bf2dccfda272bc63b5b89f70352a611e1da6d9442f17dd5600b8d22db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6531
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A74F 0
0 56ms
54ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstG07xPhWtpTsaLUgyp4RfUrpe7Ht9-bLGaY_nyBmISpWyBRZPvMWCfHamO7r7x3fuASxfHqAfy8MdI2BA38AGJ8xrq6A6hE062fbbFUNzQDFu1Mx-G8kQ73w0T2wtvdxyAheLB38mO7YSS6Wnal5MaW9OLKvi-7ts6OjgHBmYSx0UDWpHTgQj8IVyAcij9rzYZU6gbYxBSBvs3M11JG6ug5VHDz6VMu0pnmrBKTkZxR2C1rEF1j9R0XbJ3h6SCgdqCpMPo7GAFthoxvSFAPDnH4eowdLQA9NqiYl080lQ&sig=Cg0ArKJSzPOaAc2yyc5pEAE&urlfix=1&adurl=

Requested by

Host: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A74F 75 KB
29 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 29194
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E8B 73 KB
28 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E8B 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a76177f82fc689d129587c7d591ffc07071f6f5967ce8bafc3b2c228b7e3d88f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6454
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2734 16 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:46 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CE78 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab4bc3da181e607167083af9746a63ee0f0dfae8f451a72248389792d665e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6554
x-xss-protection: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201112&jk=4197180408031206&bg=!i4iliKjNAAVGySeIRlhh4bvLorgByAIAAABVUgAAAAxoAQcKAXTtZFTKaTUMCiUAgF7OWvGPO1nvG6q4YyUG6Ni6V_q4FkR-KsmQsDMi-gM_x7VJsN3GUl7mCkScn9KFIFkIJ6Xrm3YmJsFdtKtf2KucA4qTW31zWdWsYbIvzKZeoTvqZiPuhEhA3FwdhG0kxtzKEzCvo0RiwZCG9pEMs3zZ6ST0vzhvIsqKgPmuMsNfrwid-cvIauXoyE5NWHEHXrskCgYd61UQGKO4QXvvNWhdPRu12qSobIpu-0hGVBhDEUD2kZ_QvwlzZVcMEt7MP-cegJS52Kdonaro0WQxRgvq089PBlTzLU20W29iODmbE8Mz4gUK-INEpF4eB3KYJxbCtCwilWD2LjVDOdlVIunPgRcQnktCfUw--QgdWNdj7IeYDiPGnOA6ilino_NvYoE6bxZMuDx4hjs1TyYT23mapqLFK2QDmsLwvSkyzz78-44av5u1FyW8ISQG7yjjEVVhQFVFjpF6YQ82h_i6yFePZgRTxOw495aZAehegr3pCORVb4rHqcCHYpf4YYuCLEtfTsCOp0Nw1XCvBm8kDQXXRSHR18tecIjyPLHUhJEvDoJyMkG0dSp_iQYbdCdsT6BfBmck1mxd4HD97ZqT17FfprMMWiqfL1ZQcidppG5MoP4MF41nBLdLliLH9jW_JbNoj2RPPWHnoQJQ7c8clnDkIEGAnrTI-2cZgMOP6LPEhativJP9WekLlFXphULW1rvuerNjfj1SfewRgMK7lBt55i2zduYcROOGbr-xUzz-kt-nBOjyNyJepPGVzUv0j-cxzw5_WYTx7oxAgmqJ_L3TQkOzX2mGD0WJq7VSanFLxXo29aa6_P9mnw8uixyaPRX__a7Q6XcfNH2q09OHVq5GAHRp1La6GlDu_kdXC63AdL_nTCN7Qv8T8KOquKe5So2EGzjzzfwDL2sCrM7AlkJXZO-W8is4hRVgs9xoa_O01U2BrMkOYw_f_cWsgRoMr0mC37VrYbVUZE0LsPhY08dNVo-GR-P37WhPLjioUe7XMSvCPOJvGBezT5Lf9uzYEn2CTWIWMFHN7Tw9ZjS6QtVZOeWAzbRlrCGgkm0mtElOeT2xvFzdxZw20e5_CeCUQY7Vl-1Ab_PedEZcjbROu_tgLCYjPLR2V4K3MEnfc2OzLgwWfQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 76DC 0
0 7ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 01 Dec 2020 23:31:54 GMT
expires: Wed, 01 Dec 2021 23:31:54 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25192
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E8B 16 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:47 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E710 0
22 B 56ms
55ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTRMOBtkPv1II5PT2xZzcNoKzIAKPQONt5pjMF_fbuxoQYukEsOwZEpIhhHwX-wf7XzVXa6G7mkrNGuyepcvhQAVUT1BZVWa3XBXu3x_npJW_Uc9wI1I4WJymC2nr0b57YWwuTVX07CqB-2niQAYaemlZeQI_WuIdkYQZvraBJpsyjMI2ugBmK8al_2kjuxH6HUFVjCeAN6b-n8MIbwYBQNaqaFrWhhPBH9I6DlTFnmhTU8Qe2TEJJmBIOcYm2xd1no39YnFfT8jxS9P9tTmOEZG3MmGyPoyDg4mjnzQMJGB2YzZFbeKPyM7DGod6TGucYs8zJGw&sig=Cg0ArKJSzOlSbnGQEN6IEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CE78 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 06:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Wed, 02 Dec 2020 06:31:47 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame C594 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 01 Dec 2020 23:31:54 GMT
expires: Wed, 01 Dec 2021 23:31:54 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25193
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A74F 0
22 B 55ms
55ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvK15f1RWMLMXgJJNrDlEKf4gY8QeWEWHB7M3Mkr-lU-L29Tqz-KWB-l0OoCxaimAQc1LyeBVUsxENzotAyjFt_vB1Cx3VNyYUBrBdfE4-bucGDoJbEXWZB9-GxFZumgGwKQVlwHHjWjhnqUQwKlQ0UKF-QGuQC-tkN_fQ2A_uDRr81WmIB57m4DaHc8hIUUemSBgu0kzrp-I7PRbx_k_qP8TylOMpMAoNfCeRizCFfcrfXygemZ8KX6dUdb-c-9zVuPxGw6QbQ3OV3NvEbmuaGMKr1PKcNOdJ48LozXkCVTg&sig=Cg0ArKJSzOMfMSHCXHvUEAE&urlfix=1&adurl=

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 02 Dec 2020 06:31:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 754E 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Tue, 01 Dec 2020 23:31:54 GMT
expires: Wed, 01 Dec 2021 23:31:54 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25193
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2734 0
46 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=2123615924610237&bg=!PzylPBzNAAVGySeIRljU9EwHaHrCSwIAAAC6UgAAAChoAQcKAbm5oaYBOqrCLjJBMgZ5OyWDyDotzH4quX1fF-eH_XeYlytL5onOuR-DTvGGLyUnnV_9S55h1nSTqlK9Itp5VMFNHWUnEPe5pM_wCy4O3nlOqq1wi6wmNn6E6ql-4ygs92qfATn1Bb4jxeExGzWWN5cwoIrnVuNmJ_vVMvt2hylHByR5D61PoKSwcJFVgFp4tzdR_rAUifRAsC_RPUmpSCIk9sQ4jhrGeVsXx1yQtNGJ3TJPTA_ULudBImxzPo80-r29TdH91dsUXOHn5CZ6cAJlJk9nO8Rf3jozEPxaT2RTmwYp43VdopHsKb138pdvIO0MkuMxhn4fFbKdDMeFzW6mvJ4RqCCt9vrJD91WH06U07jcv5qsPSwiJUFm9ZpiGEU5aQd1dgAm-Oia8z49n4K82_HHn8LgITc67uL67RMFTXoodf01XPWQ8fyS7A4M-GPlmCqiE3UVeIhPD9dYkkLsN7TNtngLCe0lqTl_4iSJD7TwEbzB_AeQwOujfCB0V5zgzeXCGCltD5FOScd-jwojDaLm99eKvH3p21Q0KUHkEeb3leEPDhPRiyDnmzRWMLRsmk1Lg6X7nI2ZAd8ym8A2rWKkX18IYCpeBIATtiyF71xkl_UTq27VVzuXoRnC_83XRn0dYpAYNd4f3No795Lx4A5ynvz152_oK1-mTJH0MBaEAaJMsx_3RLFRPb_TBU6-Ot-3ywV8j7EsETpokU-2aZAXo1jGyCFVLxHNzJbsCdwDaAwCJ8JRHqMRPra6FNHwl2tYrOOwrsoQLHaLoI-HXj182Y-kpDQOYRfI0oiRVva43n6tNJ0Gpcag7H7gs1bWHhucSlNGum-WHAPfpVECrCm2rstnzO-Oxxzv6vdk4nz71dQWVUF4erLy-Haony8WuKurUlVbYzx-FafSFL_Ip4-YWPcVV4vnSP_wEf6ZygqyB0PLiqLy3MOHsA7MtUWdvvTByGjDUCJ6UoSXqyymcuaiKNyYxDIJwM0kbDuO9oOo4jdioj-fXrjckFG98os9JixST0RN5rWKlKyIF5PXWMTDpvaSmUegUYGG1Czk2QDrHkrED2wJTDOxY0hIUcbK98XkrrY9e7EBG80eGkg8n9BTLNTTJqacxlxSg6xmebpn-mrxe_4FBg2ko4IGWVQJhiS20r2A1To5VSiijGSCwDUAklz1PGysj8wsFWlp7fqKBVIBlb2Qbqf86ft77gfAcgg3QuTuIU7FmA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CE78 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=2915360283496853&bg=!Z2SlZETNAAVGySeIRliLl-zZcuOIngIAAADJUgAAACxoAQcKAOocyDwVZPrTsSR75r6URk0ePJxpdYppGHNO-OXfPEv41amaTtSBWXZCOnTB15ARlG-W2cjA3SMxnmjA1AofW4-YcsFMArgdx0vHxABQ8QLcMI6bpMT2CbiY7WyN9ey8Dt7G5tJtiAiMua_QEtvHkcu57WhwKyFT0dJ18eo2cp_IXnLvgBabf_59L-V8znr8ZMb4Aq5E-6NCBR6s1tQAJyyxAiOKRtYW25vagti2UPChZia8BqtMgIUfOiu8UjuCiK1MdKSNRA7zoa04RkWQVGR2ictpeR739fnsAk_VtXaeaWUUOLQFWYFmoCKZAd8Yf5UfZrgY-Y7iEZVuce4IW57qgmBu2xs85WUQEnJXIP_ihFYK8ncTESZtnpKznNifBBfKBSHDvtIwZNFU9blZQDig-AhkG1Gs69jl83y_eAWVAcJ_OlCDnWzyu2SFxSOi0vPnQmbZD0K1M8iJnb4FqK_OvLEKTT91PHzZl2v4DLCuhDyUPuW1PqhRc53Spo_bYHKQBalpLiQtkT-dEwud44hsC5BiGXPyU9fXQQ8xVYrp-mrqx0YgA3-NjGo1GKo6palpQQ55iWymJ96osBnr8LfJKV3NAlMQQfVAuQaqY0zw2wJJoVUGk3WrJVvbW26J3lFbHwT1L5bJXjAWlDerIFUFNokdA3BAejr09Ddnez1cJKe9EWkR29bPP1tLfPAl2xvG0VAp7A7Pzc8QESCIHWj6S-NzzAwR7rSSGfybXN5ZUL_IZqA1VOnM_e_pmtuJ-5zjpkS04ibkOeugm4Xg9oUOWHwIxRxp6E38zdtUBEv3nTJoogT18Zkikow2JTZrZANzbZpoxxCIgFzeTIyShGEyZ_vW9e-ZUbjOvT1rEc4qgTTQPXZSXQ0KQWSqS8Xx2QAggBpo0CYvbGa0TwaSdBbChM2dE4R4oYCcfswrkeQ1X5HO2Gl-_qcpeS3m4Q

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E8B 0
23 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=3945325484420756&bg=!3N-l3__NAAUoamvQKFiCFLYwa-3uNwIAAADzUgAAABNoAQcKAIzA_DZ0tqbvVVVOgWNinOYvHc7dD-vqdZ3Zi-IVfoVfQIg7E9agA-4X5UroPGPVDlLFE7SyFulw0HAhM6mijE7kIJoio2zLzJR7Mhj4g2xfSDvzCZNkadq_3XxlhGgGuFr3Hu1uyQt2eMl58Y9Mw35IbvR7GvmQNykhd13wqB-ZNhVPwJxqUHc6pQl8z5kB31Qz3-iTmbKtLGYhKlH-oO0z1zR435dZ9OK3PVV_mqkKi01uPtZfoGvGVErdaeB3osqbIpM1TWzSCkqwcwQ9IyKcJSl3PtSWAbB_tDUQ8G6mfB0Y_siZR7mrhW6VHIIREVajZ_md3AcoOr-ysYHNHX12_QGyi83fSgLPRpXsncQ3b5QNEXwfyesJj6ueadVSxsL078efmV5IY7QaMKmlDNU1kcAlmqklkCby3PRfEc6MW0OAzoPgxX-xIZNyzUGFy5_yaot2jOsCQ10KybeUoFJsrVvGp-AimjUSjFqCj9uB_VAiqBOhRB2bK3KLvq_2RaHmHRgVpkYkA_Po6ohBnQ9QO3g6mQzeZCdLZx-6Vs597BgSPcc1CZ2n59fkEGh4gk8sfP1qC4cDzYQkVBoZeTNvHULSNsHkCmDPNobKonNTm1dlQAkEx_Gn4NKiVoGWyh4VOFvCYiB9lXfO3e0spn_zq7ui14a9-WP6wtsEpkUJ136NL6PwJzK4JXFqrGvRTk4VAUauNq2mU9AzrZKSqxT91N3uJjyQpfCtvHf4Kfce71HwafTnfnb8CkzLFEpCBuWmowil6NbZkQnmL-Nv3gtkFG4t0rSbmFP4UP7d6pB4RySLX2rc990hPwPOL1RI

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portalmanaus24h.com.br/wp-includes/js/plupload/--/pontos/seuspontos/AcessoCorrentistaInvalido.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 06:31:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: portalmanaus24h.com.br
URL: https://portalmanaus24h.com.br/wp-content/litespeed/cssjs/0b1c9.js?28cd2

Verdicts & Comments Add Verdict or Comment

370 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.portalmanaus24h.com.br/	1970-01-19 15:04:42	Name: __cfduid Value: da1fcfd434618e12b164e81597b666f3f1606890699

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://jsc.mgid.com/p/o/portalmanaus24h.com.br.1037079.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	URL: https://creatives.sascdn.com/diff/2447/6880103/sas-interstitial-2-18b_4bc0b97f-9e32-4b1a-9caa-38cc1de43fc1.js(Line 1) Message: [object Arguments]
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	URL: https://d.liquidadserver.com.br/tags(Line 1) Message: Houve erro
console-api	log	(Line 15) Message: Slider => [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31a59e9d886891526abd70d54242930f.safeframe.googlesyndication.com
a16d7c1b334c788733820f7f11e5283f.safeframe.googlesyndication.com
ads.simpleads.com.br
adservice.google.com
adservice.google.de
adservice.google.dk
ajax.cloudflare.com
ams.creativecdn.com
bc0e9b983944f14f4eace8262fd32ac2.safeframe.googlesyndication.com
c.mgid.com
cdn.mgid.com
cdn.simpleads.com.br
ced-ns.sascdn.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
connect.facebook.net
creativecdn.com
creatives.sascdn.com
d.liquidadserver.com.br
delivery.liquidadserver.com.br
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
jadserve.postrelease.com
jsc.mgid.com
lqdads-7405.kxcdn.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.yabidos.com
portalmanaus24h.com.br
pre.glotgrx.com
pro.ip-api.com
px.adhigh.net
s-img.mgid.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
sync.smartadserver.com
tpc.googlesyndication.com
tracker.liquidadserver.com.br
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
portalmanaus24h.com.br
104.16.201.58
104.16.221.74
104.19.134.78
104.19.217.61
157.245.136.40
172.217.22.66
184.24.15.122
184.30.212.16
185.184.8.30
185.86.138.142
193.232.148.158
199.187.193.140
216.58.206.2
2606:4700:3031::681c:1cef
2606:4700:3033::ac43:9ff3
2606:4700::6810:3f36
2606:4700::6810:a723
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::200a
2a00:1450:4001:816::2001
2a00:1450:4001:817::2001
2a00:1450:4001:818::2008
2a00:1450:4001:819::2002
2a00:1450:4001:819::2003
2a00:1450:4001:824::200e
2a02:26f0:6c00::210:ba0b
2a03:2880:f01c:8012:face:b00c:0:3
2a0b:4d07:101::1
51.77.64.70
52.203.172.63
52.31.46.99
52.57.167.187
68.232.35.16
95.101.55.60
0005ddde2bfac05bb5a9c8a20432969bf3d54182c71d47bf4707db3c13c51ed1
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
069e2abed69e2efcd6930c0615ae8c32c1cb9f76e6e9ffae45495bc6759a3f95
0a67c942ce0ccbdd7667f26771c73dc06d2721493bff7d59ec35fee27a670352
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e29f9a85e5960160477df2b85d9677a3deee504bac7a5abe6d204d741bb8258
1108d18134711853eee1bfcce948dfa357347bc699ca05a433c8e72e392c27b8
139293969a3af52128cec6885aae531bd55ddf25f4e43ff1e9b1ff624b78ee69
14870f7b6da980f64650ced86412ca1b276d43a810795d4a772ce164a81ba5f3
153d09115501613f32bc58ea2f46c37254735503052e3ef338f3016914b60d19
1719a900883db724e30e60592f6e9c1cc38d0540ec3de6472b745028f2803860
1d61594bf2dccfda272bc63b5b89f70352a611e1da6d9442f17dd5600b8d22db
23bed04b7bcbf79eca54e521f7d23ff3ef5c45ad3bb0121abf5a954289c76129
2467b382295827fc5c7d634ced5cb38b06d6ae6688400dd9e5254d8667800f2e
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
297b33ba930feb975c6869804a999ec114c2235b151d019e4e844902f3ce41c4
29ded0db775fe268a34c1a1aa18d00b3acd294d1c488ea139c90637598658d2a
2a806c51aeb0b950cbcce4147104160752b9e65a40a5d50e49b06a26127cb478
2c026cf4c6db7213dc7036ab1da4d408a07e48895cca8057670eb32ce5cce543
2c13dd9e31b7964d80c340e7f9891b2f35cee30f4f5c673536ac662ed500f591
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
37962d820471b928427f6bbc581a044e0daff0d4096bb58bb05227d6c05525c4
3813d286a4c996596044ec90ca10b011ab9c5f77687b848a0f5f8d670f29edb9
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3f9cb118a348fe2b77c5b19d1778eb7505a9317bf07251a0798b700425ee8c32
429df1195edf7e006d1618e2e009db703de581611e3d6dfb05494cc49f4517dd
447d369f201b54a41f92b45b3b319420a5f1078cef687ae23f1831b34bd9a8e6
4b24555211c2b44bfc9d83befefeb792fb7af40988f8a5ac3483177f44bec544
4fee76f6ff393fe14f3aafa98d42398526d12630d71e26876e84794c760730a7
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
599ab245ae87786117ccd0f54cfbbda7064dc2edcc94ddd17eac0b5bed7fbe23
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5e72a6053c72fd8b75a2723a35b054605a26ed93fe36fa40c5cb1ace71322129
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c41e176a52cd84ddb4efe26b8745ad6e9e0bbb520c9236126747a7ef118ea61
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
83a1de4643deb6c70322259d9fc6e7f613cafaf23366306d18675f899ade102a
84ebb28c30d3d9fbcb792980ff677143ef36faf6a0bead58a56b75c713889c22
87ce4cc30530348882f7ec9e07ca8a24e704140aef3ef8260c3272598081c99b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8ca12b603338491dae016804e4971ee30b1838fedb2c7ee1a54023e8ae6d2756
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
92b33196a232ed91cb8132457039c35a87201dfa05c14ff22d82f3494135444d
9ab4bc3da181e607167083af9746a63ee0f0dfae8f451a72248389792d665e1e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3f5fe43cf3b943aa4ef647e87d8189c61b971c177cb3a6f3e88076fd4b2b9df
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a76177f82fc689d129587c7d591ffc07071f6f5967ce8bafc3b2c228b7e3d88f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ad7386d16a056df5c235702a97a5fa4cee68e302d71041aa35df96151f756f48
ae1d499cdd437a70f57d75e6e70238989d8d4f1a49edbc81b4f60d269a6ea817
af6eacbac5110489c9e1dcf5dee7c4ce651ee8a3cb5e95bef12e53f6b916b9e5
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bb07a5e06c489409f52896aacd9783ac93c4656fb4863aad19b0600cf0081f07
becb67e6a053aa8642ce05307394e84aa6285c63c4de1ef1b7a0bf757eabfa40
bf73ece92d892694c939f494ab9fbe2a58e8a7ce9f2ebabeb721b475876c46fd
c9a612722eed86936463bc8772a9d4509e0c24f22485221beaa583a60079fef2
ca4fc58fa3ca10bbbaf881c48e7262979cebfa912cf9f4a1da4f1fa216dfeff3
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d1218e9abba19c0367d28f3d859a9b0484b823b1ee33c5570022d4c067a4d341
d20709923ac07a688bb2ab5fa3f048923995f3ee89ffa86d96cb2b14fc8af868
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d819c05d5116350cf48ca364b0f94c97ff3ee05e08547671e3440a8ec5e1d439
d8b6676ff7e91422603edadceb5aad500669ee5c1f6bf1d8c283dd92dfcee33e
d98d7a81b2cc1e6b36d75db78826771fed2ddbe50ab593bea89ba19d6e6f7cb4
de902c3de9ae2cf9b2ed91d56a079761dc86b558a5efa6f4e6ddd75800dc353e
e067bd961b786be5afcd82cdf7c81a06cae5685325afe96dffde51b1ef48c1a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e73f0b67bdb22fab021644528447f7dca8868feaab08bd4ce10d16cc4286b467
e862cd0cae842403ff5218ffefaaa5f16f43918776e8fc476d5e799f83173845
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe1ec925fd2944b93a3dac2b97093015da74a299152e3af4787336c483df0bc
f0ff1c8d8961ef788b3f734e18eebe6a543b703871e2872baa34a5e31b9f7c5b
f2d3395d6b5b3bc811bb773b505262bfcb72fe5b65a02486c19dbc97d940a4a4
f31649467477e735d27c31e6f6cbae17f8e5eb1009fad6f2367d1e8980e52d09
f5f7d4c5edb8e6c7edc69f46ba7d8054a4d75996694fb428dfc37185fadb964e
f6517ce6a414dcaca2b78e079a713c70f59ce7ed85b66229c747fb0869d969f4
fdc103f9663010ea930ca029351019e0af082d32eb3a7f729fb69bc2ec232238

portalmanaus24h.com.br Open in urlscan Pro 2606:4700:3031::681c:1cef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

163 Requests

99 %HTTPS

47 %IPv6

32 Domains

49 Subdomains

30 IPs

10 Countries

1788 kBTransfer

5234 kBSize

1 Cookies

8 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portalmanaus24h.com.br Open in urlscan Pro
2606:4700:3031::681c:1cef Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

99 %
HTTPS

47 %
IPv6

32
Domains

49
Subdomains

30
IPs

10
Countries

1788 kB
Transfer

5234 kB
Size

1
Cookies

163 HTTP transactions
4 data transactions